zsync - 5 min read
zsync is a file transfer program. It allows you to download a file from a remote server, where you have a copy of an older version of the file on your computer already. zsync downloads only the new parts of the file. It uses the same algorithm as rsync. However, where rsync is designed for synchronising data from one computer to another within an organisation, zsync is designed for file distribution, with one file on a server to be distributed to thousands of downloaders. zsync requires no special server software — just a web server to host the files — and imposes no extra load on the server, making it ideal for large scale file distribution. zsync is open source, distributed under version 2 of the Artistic License. Feedback, bugs reports and patches are welcome. zsync fills a gap in the technology available for large-scale file distribution. Three key points explain why zsync provides a genuinely new technique for file distribution: — zsync uses the rsync algorithm, but runs it on …
qutebrowser - 4 min read
qutebrowser is a keyboard-focused browser with a minimal GUI. It’s based on Python and PyQt5 and free software, licensed under the GPL. It was inspired by other browsers/addons like dwb and Vimperator/Pentadactyl. See the github releases page for available downloads and the INSTALL file for detailed instructions on how to get qutebrowser running on various platforms. In addition to the topics mentioned in this README, the following documents are available: Free training course to remember those key bindings You can get help in the IRC channel #qutebrowser on Freenode (webchat), or by writing a message to the mailinglist at qutebrowser@lists.qutebrowser.org. There’s also an announce-only mailinglist at qutebrowser-announce@lists.qutebrowser.org (the announcements also get sent to the general qutebrowser@ list). You want to contribute to qutebrowser? Awesome! Please read the contribution guidelines for details and useful hints. If you found a bug or have a feature r…
p2p social networking with Rotonde & Beaker Browser - 6 min read
Rotonde is an experiment into the idea of self-hosted social media feeds. As described by its own specification, it is “platform agnostic”, meaning that it doesn’t need to be tied to a specific website, service or API. You can host the data anywhere, and distribute it in any fashion you like, as long as the structure of the data is correct. @neauoire has opened a new codebase that brings the Rotonde concept to Beaker Browser, a p2p web-browser built on top of the dat protocol. This guide will demonstrate setup of Rotonde within Beaker, allowing you to create new posts and follow other Rotonde users. The documentation and screenshots in this guide are designed for both MacOS and Linux users. Beaker Browser is not currently available for Windows. If you haven’t already, install a copy of Beaker Browser. The guide below will demonstrate how to install and use Rotonde, but if you’d like to know more about how to use Beaker, visit their Documentation website. Creating a new Rotonde f…
extending the microservice idea to frontend development - 16 min read
Techniques, strategies and recipes for building a modern web app with multiple teams using different JavaScript frameworks. The term Micro Frontends first came up in ThoughtWorks Technology Radar at the end of 2016. It extends the concepts of micro services to the frontend world. The current trend is to build a feature-rich and powerful browser application, aka single page app, which sits on top of a micro service architecture. Over time the frontend layer, often developed by a separate team, grows and gets more difficult to maintain. That’s what we call a Frontend Monolith. The idea behind Micro Frontends is to think about a website or web app as a composition of features which are owned by independent teams. Each team has a distinct area of business or mission it cares about and specialises in. A team is cross functional and develops its features end-to-end, from database to user interface. However, this idea is not new, in the past it went by the name of Frontend Integration for …

congress-edits (@congressedits) - 3 min read
Skip to content I’m a bot that tweets anonymous Wikipedia edits that are made from IP addresses in the US Congress. You can find the code at https://github.com/edsu/anon Are you sure you want to view these Tweets? Viewing Tweets won’t unblock @congressedits Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks. Twitter will use this to make your timeline better. Thanks….
Working at Google seemed like a dream job. The reality has been a tedious, pointless nightmare. - 5 min read
PostEverything Perspective Interpretation of the news based on evidence, including data, as well as anticipating how events might unfold based on past events Working at Google seemed like a dream job. The reality has been a tedious, pointless nightmare. A day in the life of a human resources ‘talent channels specialist.’ Be the first to know about new stories from PowerPost. Sign up to follow, and we’ll e-mail you free updates as they’re published. You’ll receive free e-mail news updates each time a new story is published. A day in the life of a human resources ‘talent channels specialist.’ The banner atop the Google Careers portal caught my eye back when I was one of 3 million hungry applicants: “Do Cool Things That Matter.” It speaks at once of the tech industry’s casual hipness and its passionate purpose. It spoke to me. But while it probably describes some jobs at Google, it hardly captures my experience these past two years in the company’s human …

Why physicists still use Fortran - 13 min read
“I don’t know what the programming language of the year 2000 will look like, but I know it will be called FORTRAN.” – Charles Anthony Richard Hoare, circa 1982 Fortran is rarely used today in industry — one ranking ranks it behind 29 other languages. However, Fortran is still a dominant language for the large scale simulation of physical systems, ie. for things like the astrophysical modeling of stars and galaxies, hydrodynamics codes (cf. Flash), large scale molecular dynamics, electronic structure calculation codes (cf. SIESTA), large scale climate models, etc. In the field of high performance computing (HPC), of which large scale numerical simulation is a subset, there are only two languages in use today — C++ and “modern Fortran” (Fortran 90/95/03/08). The popular Open MPI libraries for parallelizing code were developed for these two languages. So basically, if you want fast code that an run on many processors, you are limited to these two options. Modern Fortran also has a feat…
Why I use Object Pascal - 8 min read
Pascal is considered by many programmers as an old language from the past. And although it is in fact one of the older programming languages, it has greatly evolved into a modern, full featured language over the last decades. Pascal was initially developed in 1969 by Dr. Niklaus Wirth on the ETH of Zurich. It was used as a teaching language as well as a language for business applications. With the appearance of the Classic Mac OS, Pascal was the language of choice propagated by Apple for serious application development. As an example, the first version of Photoshop was made with Pascal. Pascal was standardized as an ISO standard in the early 90s. But unlike other languages, there were different Pascal dialects and compilers since the very beginning. One of the most favourite versions, which made Pascal one of the most well-known and widespread programming languages of the 80s and the early 90s, was Borlands Turbo Pascal. Over time some object-oriented additions were added to the lang…
![]()
Welcome to f.lux v4 - 3 min read
f.lux development is supported by people like you. Click here to send us $10 to support our work. Thank you! This new version of f.lux adapts to your schedule with a super-strong “bedtime mode” that ramps up when your body needs less blue light, and it has tons of new features and better performance too. There’s one important thing you have to do to make this work. Go set your wake time in the f.lux preferences: Setting your wake time is important, so f.lux can calculate when to remove blue light a while before bed. (And even the people who don’t sleep very much need more darkness at night.) f.lux is designed to remove a large majority of the light that messes up your sleep. While you can use a gentler setting to relieve eyestrain, it might not affect your sleep as much as you expect–they’re two different things. To explain the difference, we’re bringing numbers about how light affects your body right into the app, so you can pick the right settings for you. New in this version (…
![]()
Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki] - 5 min read
A newly discovered vulnerability in generation of RSA keys used by a software library adopted in cryptographic smartcards, security tokens and other secure hardware chips manufactured by Infineon Technologies AG allows for a practical factorization attack, in which the attacker computes the private part of an RSA key. The attack is feasible for commonly used key lengths, including 1024 and 2048 bits, and affects chips manufactured as early as 2012, that are now commonplace. Assess your keys now with the provided offline and online detection tools and contact your vendor if you are affected. Major vendors including Microsoft, Google, HP, Lenovo, Fujitsu already released the software updates and guidelines for a mitigation. Full details including the factorization method will be released in 2 weeks at the ACM CCS conference as ‘The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli’ (ROCA) research paper. A newly discovered vulnerability in generation of…
Vol. 2, Pt. 3: Exploiting The Wi-Fi Stack on Apple Devices - 1 min read
News and updates from the Project Zero team at Google…
The trouble with text-only email [LWN.net] - 6 min read
The following subscription-only content has been made available to you by an LWN subscriber. Thousands of subscribers depend on LWN for the best news from the Linux and free software communities. If you enjoy this article, please consider accepting the trial offer on the right. Thank you for visiting LWN.net! Try LWN for free for 1 month: no payment or credit card required. Activate your trial subscription now and see why thousands of readers subscribe to LWN.net. Mozilla’s manifesto commits the organization to a number of principles, including support for individual privacy and an individual’s right to control how they experience the Internet. As a result, when Mozilla recently stated its intent to remove the “text only” option from its mailing lists — for the purpose of tracking whether recipients are reading its emails — the reaction was, to put it lightly, not entirely positive. The text-only option has been saved, but the motivation behind this ch…
The easiest way to send a fax - 1 min read
The easiest way to send a fax. Drop PDF files here or click to upload You can send PDFs of contracts, applications, bills, invoices, or anything. (see supported countries here). Include a cover page with your information and comments. We’ll send you a confirmation email when your documents have been successfully faxed. Payments are processed securely via Stripe or Paypal. We never save your credit cards. We built Fax Rocket to make it really easy to send out a fax: no hunting for a business center and sending your confidential documents from a public location. Fax Rocket is for anytime you have to fax a document - whether you are a lawyer sending documents, an office manager mailing files, a contractor sending an invoice, or a doctor’s office applying for a license. We’ll fax it out for you immediately. You don’t even have to leave your desk!…
The Thoughts of Chairman Xi - 33 min read
Xi Jinping is tightening his grip on power. How did one man come to embody China’s destiny? There aren’t many 21st Century leaders who lived in a cave and laboured as a farmer before clawing their way to power. Five decades ago, as the chaos of the Cultural Revolution engulfed Beijing, the 15-year-old Xi Jinping embarked on a harsh rural life amid the yellow canyons and mountains of inland China. The region where Xi farmed was a bastion of the Communists during the civil war. Yan’an came to call itself “the holy land of the Chinese revolution”. Now President Xi Jinping’s second five-year term as leader will be confirmed at the Chinese Communist Party Congress. He leads a confident, rising superpower, but one which jealously polices what is said about its leaders. Xi’s own story has been sanitised and while much of rural China has seen breakneck urbanisation, the village where he grew up is now a pilgrimage destination for the Communist Party faithful. In 1968 Mao had decreed tha…

The Secret Lives of Leonardo da Vinci - 33 min read
In Renaissance Florence, a number of designated boxes placed throughout the city allowed citizens to make anonymous denunciations of various moral crimes—in 1461, for example, the artist-monk Filippo Lippi was accused of fathering a child with a nun. But the crime that the government was really trying to control was sodomy, so notoriously prevalent that contemporary German slang for a homosexual was Florenzer. The common nature of the offense did not erase the threat of serious consequences. In 1476, Leonardo da Vinci, on the verge of his twenty-fourth birthday, was named as one of four men who had practiced “such wickedness” with the seventeen-year-old apprentice of a local goldsmith. There is little doubt that Leonardo was arrested. Although any time he may have spent in jail was brief, and the case was dismissed, two months later, for lack of corroborating witnesses, he had plenty of time to ponder the possible legal punishments: a large fine, public humiliation, exile, burning at t…

The Python Graph Gallery - 1 min read
Welcome to the Python Graph Gallery. This website displays hundreds of charts, always providing the reproducible python code! It aims to showcase the awesome dataviz possibilities of python and to help you benefit it. Feel free to propose a chart or report a bug. Any feedback is highly welcome. Get in touch with the gallery by following it on Twitter, Facebook, or by subscribing to the blog….

The Mathematical Genius of Auto-Tune - 21 min read
Auto-Tune — one of modern history’s most reviled inventions — was an act of mathematical genius. The pitch correction software, which automatically calibrates out-of-tune singing to perfection, has been used on nearly every chart-topping album for the past 20 years. Along the way, it has been pilloried as the poster child of modern music’s mechanization. When it “one of the 50 worst inventions of the 20th century”, few came to its defense. But often lost in this narrative is the story of the invention itself, and the soft-spoken savant who pioneered it. For inventor Andy Hildebrand, Auto-Tune was an incredibly complex product — the result of years of rigorous study, statistical computation, and the creation of algorithms previously deemed to be impossible. Hildebrand’s invention has taken him on a crazy journey: He’s given up a lucrative career in oil. He’s changed the economics of the recording industry. He’s been sued by hip-hop artist T-Pain. And in the course of it all, he’s rai…

Tesla fired hundreds of employees in past week - 2 min read
(Reuters) - Luxury electric vehicle maker Tesla Inc (TSLA. O) fired about 400 employees this week, including associates, team leaders and supervisors, a former employee told Reuters on Friday. The dismissals were a result of a company-wide annual review, Tesla said in an emailed statement, without confirming the number of employees leaving the company. “It’s about 400 people ranging from associates to team leaders to supervisors. We don’t know how high up it went,” said the former employee, who worked on the assembly line and did not want to be identified. Though Tesla cited performance as the reason for the firings, the source told Reuters he was fired in spite of never having been given a bad review. The Palo Alto, California-based company said earlier in the month that “production bottlenecks” had left Tesla behind its planned ramp-up for the new Model 3 mass-market sedan. The company delivered 220 Model 3 sedans and produced 260 during the third quarter. In July, it began prod…
Switching from Common Lisp to Julia - 7 min read
I have written this post for developers in the Common Lisp community who asked why I am switching to Julia. It may only be relevant for the small set of people who use Common Lisp for scientific computing. I used Common Lisp for scientific computing for a while, from 2008 to about 2015, in combination with R and C++. This choice may surprise people who don’t know about projects like Maxima or FEMLISP, but Common Lisp is not a bad language for scientific computing: it has a great FFI, compilers like SBCL can generate very fast code with a few hints, and the language itself is composed of convenient features that interact nicely. However, around 2012 I started to become very frustrated with Common Lisp. Despite various attempts, it became very clear that libraries for scientific computing were not goint to take off: there were many one-person efforts (including mine), but very few of them evolved into general tools. Initially, I was puzzled by this: Common Lisp is an extremely conv…
Stephennie Mulder on Twitter - 2 min read
Skip to content UT Austin assoc. prof., Medieval Islamic art & archaeology - Syriaphile - Cultural heritage activist - Wine and cheese activist - Mother of three small dragons You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more Public · Anyone can follow this list Private · Only you can access this list Here’s the URL for this Tweet. Copy it to easily share with friends. Add this Tweet to your website by copying the code below. Learn more Add this video to your website by copying the code below. Learn more Hmm, there was a problem reaching the server. By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy. Why you’re seeing this ad Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen. » See SMS short…

Someone Created a Tor Hidden Service to Phish my Tor Hidden Service - 10 min read
SMS Privacy is available as a Tor hidden service, and it turns out ~10% of users actually use it that way. This post details what I found when somebody created a phishing site of my Tor hidden service. Charlie was poking around the other day and found that a Google search for “site:*.onion.to smsprivacy” turned up an unexpected result. smspriv6fynj23u6.onion is the legitimate hidden service name, but there is another result with a website that looks identical: . A brief investigation showed that the site was a simple proxy: page requests sent to the phishing site were forwarded on to the real hidden service, and responses forwarded back, apart from a few idiosyncracies: The header tells the HTTP client how many bytes of content to expect. A dumb proxy server that is intending to pass the content through unchanged could simply pass the header through unchanged as well: it knows the length won’t change if the content can’t change. That the proxy server thinks the length of the con…
Scientists discover more than 600 new periodic orbits of the famous three-body problem - 4 min read
Brief overview of the six newly-found families of periodic three-body orbits. Blue line: orbit of Body-1; red line: orbit of Body-2; black line: orbit of Body-3 Credit: ©Science China Press The famous three-body problem can be traced back to Isaac Newton in 1680s. Studies on the three-body problem led to the discovery of the so-called sensitivity dependence of initial condition (SDIC) of chaotic dynamic systems. Today, chaotic dynamics are widely regarded as the third great scientific revolution in physics in 20th century, comparable to relativity and quantum mechanics. Thus, studies on the three-body problem have very important scientific significance. In 1890, Poincare determined that trajectories of three-body systems are commonly non-periodic, i.e. not repeating. This can explain why it is so hard to obtain the periodic orbits of three-body systems. In the 300 years since the three-body problem was first recognized, only three families of periodic orbits had been found. In 2013, …

Questions I'm asking in interviews 2017 - 5 min read
As my RC batch draws to a close, I’m interviewing once again. In the vein of Julia Evans’ great blog post, “Questions I’m asking in interviews”, here’s a set of questions to ask your recruiter, interviewers, and/or prospective manager. Obviously you won’t ask all of these at once — here’s a strategy: Go through this list (and others such as Julia’s) and pick out a few that seem especially applicable. These might be pain points you’ve encountered at past jobs, must-haves for the future (accessibility? day care reimbursement? remote-friendliness?), or things you’ve always wanted in a job (standing desks! office pets! catered dinner!). Ask these to the appropriate people at each job. For each company, pick out a few more questions that particularly apply to them. Does this large company have flexible policies? Does this small company have good room for advancement and growth? Does this startup have a sustainable business model? Ask these to that company in particular. Questions to ask…
Powerful tools to showcase your work - 2 min read
More and more people are choosing to work for themselves, whether as business consultants or creative pros. But doing everything yourself can be a challenge. Putting your best foot forward isn’t always easy, and dealing with all the busywork—like managing files and sending follow-up emails—can eat into your creative flow. That’s why we’re launching Dropbox Professional, a new plan that lets you store, share, and track your work from one place. It’s designed specifically for independent workers, and it comes with two new features: Dropbox Showcase and Dropbox Smart Sync. Dropbox Showcase: A simpler way to create and present Showcase gives you a new way to present your work in a single, professionally branded page—a great tool for designers, salespeople, and marketing pros. Instead of burying your work in a pile of links or email attachments, Showcase lets you tell a story. You can add visual previews, customized layouts, and informative captions, so people can see the right content, w…

Perceptually uniform color spaces - 11 min read
“In visual perception a color is almost never seen as it really is - as it physically is. This fact makes color the most relative medium in art.” If you rounded up a group of graphic designers and asked them to define the concept of perceptually uniform color spaces, there is a good chance that none of them would know what to say. On the surface, perceptual uniformity is somewhat easy to explain: These color spaces are human-friendly alternatives to color spaces such as sRGB, and they are incredibly helpful for designers working in code. Despite of this, they can feel daunting to use in programmatic designs. Perceptually uniform color spaces have roots in scientific color theory, and this community does little to make them accessible to a larger audience. In this chapter, we will look at the concept of perceptually uniform color spaces, and answer some common questions related to them: What are they? Why do we need them? How can we use them in code? What is wrong with sRGB? Let us p…
Paperclips - 1 min read
Manufacturing Wire Production Available Matter: g Acquired Matter: g ( g per sec) Wire: inches ( inches per sec) Space Exploration % of universe explored Launched: Descendents: Total: Business Available Funds: $ Unsold Inventory: Price per Clip: $ Public Demand: % Cost: $ Manufacturing Clips per Second: Cost: $ Computational Resources Operations: / Swarm Computing Drones: Rate at which probes gain access to new matter Exploration: Rate at which probes generate more probes (each new probe costs 100 quadrillion clips) Self-Replication: Rate at which probes build factories (each new factory costs 100 million clips) Factory Production: Rate at which probes spawn Harvester Drones (each new drone costs 2 million clips) Harvester Drone Production: Rate at which probes spawn Wire Drones (each new drone costs 2 million clips) Wire Drone Production:…
Over-Qualification, Wut? - 3 min read
Do you want to join Facebook?Sign Up My father was laid off from SRI at 55. He spent the next two years bouncing around the Valley fruitlessly looking for work, lowering his expectations all the while. Eventually he gave up, tucked his tail between his legs, and retired to southern Oregon. My father wasn’t rejected for his lack of skills. He could make a 6502 bark, roll over, and shake hands. His code worked. He knew when to clean up, so he was able to add features indefinitely. He hit his deadlines. He could code, he just couldn’t find a job.I still carry some of the pain of his situation with me. I’m afraid of “aging out” of technology. I’ve worked to keep myself employable. I’m already seeing responses most easily explained by age-related bias, though, so my time is coming.I tweeted this the other day:“You are over-qualified for the position and we don’t think you’d be satisfied” is de facto age discriminationThe subsequent conversation was diverse and intense enough that I want to…
Open Source Game Clones - 1 min read
This site tries to gather open-source remakes of great old games in one place. If you think that something is missing from the list - please go to our GitHub repository and create an issue or even a pull request! Since all these projects are open-source you can help them and make this world a better place. Or at least you can play something to appreciate the effort people put in them. Similar resources: check out Free Gamer, a blog dedicated to open source game news, and Unix ASCII games, a list of opensource text-based games….
Ohm: Parsing Made Easy - 14 min read
is a parser generator for JavaScript, which was created at to support our programming language research. We think of it as a that lets you quickly prototype new languages and experiment with extensions to existing languages. You can use Ohm to parse custom file formats or quickly build parsers, interpreters, and compilers for programming languages. In this article, we’ll introduce the basic features of Ohm by creating a simple arithmetic language and writing an interpreter for that language. When we’re done, we’ll have a desktop calculator that can evaluate expressions like The quickest way to use Ohm in the browser is to load it directly from , by adding the following script tag to your page:Under Node.js, you’ll first need to install the to load the Ohm module into your script:Ohm consists of two parts: a domain-specific language, and a library. The (PEGs), which are a formal way of describing syntax, similar to regular expressions and context-free grammars. The provides a JavaSc…
Oculus - 1 min read
See more of Oculus on FacebookLog InCreate New AccountSee more of Oculus on FacebookCreate New Account…

Notes on Data Structures and Programming Techniques (CPSC 223, Spring 2015) - 599 min read
Lecture schedule Syllabus Synopsis of the course Use of outside help Introduction Why should you learn to program in C? Why should you learn about data structures and programming techniques? The Zoo and the Zoo Annex Getting into the room Remote use Access using FastX How to compile and run programs Some notes on what the program does The Linux programming environment The shell Getting a shell prompt in the Zoo Text editors Writing C programs with Emacs Using Vi instead of Emacs Debugging tools The GNU debugger gdb Common applications of gdb Valgrind Examples of some common valgrind errors Performance tuning Profiling with gprof Version control Looking at old versions The C programming language Numeric data types size_t and ptrdiff_t Converting to and from strings Floating-point types Conversion to and from integer types Variables Input and output Statements and control structures Compound statements Loops Functions Pointers Strings String buff…
New Research on How Ride-Hailing Impacts Travel Behavior - 7 min read
A new report on the adoption and use of ride-hailing finds that services like Uber and Lyft attract passengers away from public transit, biking, and walking, in addition to serving as a complementary mode (e.g., for commuter rail). The UC Davis Institute of Transportation Studies research is the first-ever study with representative data from major cities across America on ride-hailing and its impact on travel decisions. Ride-hailing services like Uber and Lyft are clearly shaping the way that people move in major cities. However, due to their rapid rise in popularity, the relatively slow pace of regulation, and lack of available data on how, when, and why people use these services, city planners and transportation researchers have been limited in their ability to provide insights into how ride-hailing is changing travel choices and plan for the future. The downside is that those who are responsible for making important long-range decisions about transportation infrastructure and vehic…

Metaballs - 6 min read
See the Pen amoeba by Varun Vachhar (@winkerVSbecks) on CodePen. Metaballs, not to be confused with meatballs, are organic looking squishy gooey blobs. From a mathematical perspective they are an iso-surface. They are rendered using equations such as f(x,y,z) = r / ((x - x0)2 + (y - y0)2 + (z - z0)2). Jamie Wong has a fantastic tutorial on rendering metaballs with canvas. We can replicate the metaball effect using CSS & SVG by applying both blur and contrast filters to an element. For example in Chris Gannon’s Bubble Slider below. See the Pen SVG Bubble Slider by Chris Gannon (@chrisgannon) on CodePen. I discovered another approach to creating this metaball effect from Paper.js examples. Back in the days of Scriptographer Hiroyuki Sato created a script for generating gooey blobs in Adobe Illustrator. Unlike the previous techniques this does not render pixels or rely on filters. Instead it connects two circles with a membrane. Which means that the we can generate the entire blob as …
Legal marijuana is saving lives in Colorado, study finds - 4 min read
Wonkblog Analysis Interpretation of the news based on evidence, including data, as well as anticipating how events might unfold based on past events Be the first to know about new stories from PowerPost. Sign up to follow, and we’ll e-mail you free updates as they’re published. You’ll receive free e-mail news updates each time a new story is published. Marijuana legalization in Colorado led to a “reversal” of opiate overdose deaths in that state, according to new research published in the American Journal of Public Health. “After Colorado’s legalization of recreational cannabis sale and use, opioid-related deaths decreased more than 6% in the following 2 years,” write authors Melvin D. Livingston, Tracey E. Barnett, Chris Delcher and Alexander C. Wagenaar. The authors stress that their results are preliminary, given that their study encompasses only two years of data after the state’s first recreational marijuana shops opened in 2014. While numerous studies have …

Learn To Develop Secure Software - 7 min read
Education is the best way to mitigate security breaches. Security is not only a business decision, but also a moral decision. Always seek advice from an experienced security professional. Study and question everything. Break to learn, don’t learn to break. Don’t assume something is secure without testing it. Do the unexpected. Knowledge is power. Be cautious and don’t underestimate the opponent. Understand your risks and how to mitigate them. Identify resources and systems to protect. View customer and business information as a liability. Understand who can interact with the system. Identify methods to interact with the system. Security internal to a system is just as important as the system’s boundary security. Understand the skill and resources required to successfully exploit attacks vectors. Identify who owns the security of the system. Review plans for when a breach is attempted and when it occurs. The Achilles heel of many systems. Know who you are communicating with…

Kubrick's Interview by Joseph Gelmis - 54 min read
Excerpted from “The Film Director as Superstar” (Doubleday and Company: Garden City, New York) Copyright ©1970 Joseph Gelmis, All Rights Reserved Gelmis: 2001 took about three years to make - six months of preparation, four and a half months of working with the actors, and a year and a half of shooting special effects. How much time will Napoleon take out of your life? Considerably less. We hope to begin the actual production work by the winter of 1969, and the exterior shooting - battles, location shots, etc. – should be completed within two or three months. After that, the studio work shouldn’t take more than another three or four months. Where would the exteriors be shot? Actual sites? I still haven’t made a final decision, although there are several promising possibilities. Unfortunately, there are very, very few actual Napoleonic battlefields where we could still shoot; the land itself has either been taken over by industrial and urban development, preempted by his…
Keyboard latency - 18 min read
If you look at “gaming” keyboards, a lot of them sell for $100 or more on the promise that they’re fast. Ad copy that you’ll see includes: * a custom designed keycap that has been made shorter to reduce the time it takes for your actions to register * Wield the ultimate performance advantage over your opponents with light operation 45g key switches and an actuation 40% faster than standard Cherry MX Red switches Despite all of these claims, I can only find one person who’s publicly benchmarked keyboard latency and they only tested two keyboards. In general, my belief is that if someone makes performance claims without benchmarks, the claims probably aren’t true, just like how code that isn’t tested (or otherwise verified) should be assumed broken. The situation with gaming keyboards reminds me a lot of talking to car salesmen: Salesman: this car is super safe! It has 12 airbags! Me: that’s nice, but how does it fare in crash tests? Salesman: 12 airbags! Sure, gaming keyboards ha…
Jud! You are on fire - 19 min read
Source : Chapter 7 in author Ron Knott’s new book : ‘ SUPERSONIC COWBOYS ‘ (sharing forty-five Crusader stories) “ I Fell 15,000 Feet And Lived “ by Cliff Judkins [abridged] “Jud, you’re on fire, get out of there!” Needless to say that startling command got my attention. As you will read in this report, this was just the beginning of my problems! It had all started in the brilliant sunlight 20,000 feet above the Pacific Ocean as I nudged my F-8 Crusader jet into position behind the lumbering, deep-bellied refueling plane. After a moment of jockeying for position, I made the connection and matched my speed to that of the slowpoke tanker. I made the graceful task of plugging into the trailing fuel conduit so they could pump fuel into my tanks. This in-flight refueling process was necessary, and routine, because the F-8 could not hold enough fuel to fly from California to Hawaii. This routine mission was labeled “Trans-Pac,” meaning Flying Airplanes across the Pacific…
Jeremy the Lefty Snail Is Dead. His Offspring Are All Right. - 4 min read
Jeremy, the beloved left-coiled snail of Britain, has died. He is survived by the tiny snail on his shell here, and up to four dozen others. Jeremy, the beloved left-coiled snail of Britain, has died. He is survived by the tiny snail on his shell here, and up to four dozen others. Let’s have a moment of silence for Jeremy, the lefty brown garden snail, found dead Wednesday in a refrigerator in a British research lab. Jeremy was a rare snail, with an unusual shell that made him stand out among other garden snails. He will be missed. Jeremy won international fame for a mutation that caused his shell to coil left instead of right. For years, people searched for another lefty snail with which he could mate. Shortly before his death, she was found. His legacy will continue in the genetic knowledge gained from the lefty snail offspring they produced together. Jeremy was discovered in a compost heap in South West London by a retired scientist from The Natural History Museum. He recognized… image:
Is Haskell the right language for teaching functional programming principles? - 1 min read
Teacher and researcher at the University of Kent; functional programmer in Haskell and Erlang; builder of refactoring tools; blogger and textbook author….

Inside the vintage Xerox Alto's display, a tiny lightbulb keeps it working - 1 min read
…

ICOs at the End of 2017: What We Think We Know and What We Don't Know - 9 min read
Initial coin offerings (ICOs), token pre-sales, and similar sales of blockchain-based coins and tokens are quickly becoming an important fundraising option, and an important method of attempting to seed a token-based platform with sufficient “currency” (that is, tokens) to permit the platform to function as intended. With the end of 2017 in sight, it is useful to catalog what we think we know and what we don’t yet know about the regulatory landscape governing token sales. What We Think We Know Some tokens are and always will be securities. Tokens that offer holders dividends, interest, or profit or revenue participations, for example, generally are securities. Similarly, shares, partnership interests, and limited liability company interests issued in the form of tokens are still securities. These tokens typically will never lose their status as securities. Tokens that are issued before they can be used generally are securities, even if eventually they may not be securities. In thes… image:
How to set up world-class continuous deployment using free hosted tools - 6 min read
I’m going to describe a way to put together a world-class continuous deployment infrastructure for your side-project without spending any money. With continuous deployment every code commit is tested against an automated test suite. If the tests pass it gets deployed directly to the production environment! How’s that for an incentive to write comprehensive tests? Each of the tools I’m using offers a free tier which is easily enough to handle most side-projects. And once you outgrow those free plans, you can solve those limitations in exchange for money! I’ll be using the code for my blog as an example. It’s a classic Django application, with a small (OK, tiny) suite of unit tests. The tests are run using the standard Django ./manage.py test command. Writing a Django application with tests is outside the scope of this article. Thankfully the official Django tutorial covers testing in some detail. Travis CI is an outstanding hosted platform for continuous integration. Given a small …
How I Reduced My Monthly Bill by 92% - 4 min read
Already have an account? Login here Note: By joining, you will receive periodic emails from Coursetro. You can unsubscribe from these emails. Create account MailChimp vs. Amazon SES - How I Reduced My Monthly Bill by 92% I joined MailChimp several years ago when I had a really small email list. The pricing initially was fine, but as my list grew bigger, it seemed as though each month my bill would jump up. Below, I outline the problem I was facing with a $240 monthly email fee and what I ultimately did to reduce it by 92%. React vs Angular vs Vue by Example MailChimp offers a fully featured email system where you can: It offers a great API and it’s really easy to use. All of this comes at a price, though. It costs quite a bit the bigger your email list becomes. That was the problem that I was facing here at Coursetro. I only sent out about 1 email per week to my list of 40,000 subscribers, and a price tag of $240 just didn’t seem worth it. I looked into alternative solutions,…

Here’s a Detailed Look at What's Inside an iPhone - 2 min read
Apple Inc. has sold more than 1.2 billion iPhones since January 2007, when founder Steve Jobs triumphantly claimed, “Today, Apple is going to reinvent the phone.” That figure, based on quarterly results that include the 15 distinct models that came out before iPhones 8 and X, means that in terms of units sold, the iPhone is probably more successful than any consumer product ever created. The device has seeded entire industries—apps, most notably—and sent the stock prices of suppliers soaring. On the other hand, suppliers that have been spurned by Apple have struggled and, in at least one case, subsequently gone bankrupt. The story of the device’s evolution is readily available to anyone willing to crack an old phone open and look at what’s inside. To understand this, we partnered with iFixit, the website known for publishing detailed “teardowns” of each phone, and IHS Markit, which produces estimates of the cost of electronics components. Then, with an EBay account and a little help f…

HashiCorp Consul 1.0 - 3 min read
Today we are excited to announce the public availability of HashiCorp Consul 1.0. Consul is a tool for service discovery and runtime configuration for distributed applications and infrastructure. Consul joins Vagrant and Packer as the third HashiCorp product to reach the 1.0 milestone. The product has added significant functionality since it was released in April 2014 and today is used on millions of machines across many of the world’s largest companies like SAP, Comcast, and Citadel. Consul 1.0 highlights include HCL configuration files and many smaller improvements, fixes, and cleaned up interfaces. Consul 1.0 Enterprise is highlighted by Sentinel integration to enforce policies on Consul’s key/value store and service registration. For more information on Consul Enterprise visit https://www.hashicorp.com/products/consul/. You can find the full list of changes in all Consul releases leading up to 1.0 in the Changelog. There are a number of breaking changes in this release, so pleas…

Handmade Hero - 5 min read
- Immediate access to the latest source code - Full access to all source code updates and game builds - DRM-free copy of the complete game when it’s finished Handmade Hero is an ongoing project to create a complete, professional-quality game accompanied by videos that explain every single line of its source code. Is it a simple game, for teaching purposes? Quite the opposite! The game design has been specifically tailored to require more complex code than exists in most game designs. Sophisticated procedural level generation, intricate item interactions, and globally propagated effects are just some of the many aspects of the game that will be implemented during the series. Are the videos just recordings of someone coding? No! Although 100% of the programming for the game is captured in the videos, each step is also accompanied by continuous explanation of what is going on and why. It is meant to serve as a de facto class on game programming. How far along is th…

Generalization in Deep Learning - 1 min read
…
Everyone knew Houston’s reservoirs would flood — except for the people who bought homes inside them - 23 min read
This story was co-published with The Texas Tribune. When Jeremy Boutor moved to a master-planned community in Houston’s booming energy corridor, he saw it as idyllic. Lakes on Eldridge boasted waterfalls, jogging trails and a clubhouse. It was upscale, secure and close to the office. A bus even picked up his two young sons in front of their house and took them to a nearby international school. “This neighborhood was a paradise,” said Boutor, who moved to Houston from Paris two years ago after his employer, a French-based energy company, asked him to relocate. As the downpours began and Boutor studied maps flashing on his TV screen, he realized that his home wasn’t at risk of flooding just because of record rainfall; it was also located inside one of two massive reservoirs that had been built west of Houston decades ago to protect the city. Boutor ended up with more than a foot of water in his house and was forced to wade out of his home in knee-deep water with his 10-year-old son …

Essential C - 1 min read
…
Equifax says systems not compromised in latest cyber scare - 3 min read
NEW YORK (Reuters) - Equifax Inc said on Thursday that one of its third-party vendors had been running malicious code on one its web pages, but that the credit reporting agency was not the subject of another cyber attack and its systems were not compromised. Equifax had said earlier it took the affected web page offline “out of an abundance of caution” following a report by the technology news website Ars Technica that the company’s website may have been hacked. Atlanta-based Equifax disclosed a little over a month ago that cyber criminals had breached its systems between mid-May and late July and stolen the sensitive information of 145.5 million people. “Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” spokeswoman Francesca De Girolami said in a statement on Thursday. “The issue involves a third-party vendor that Equifax uses to collect website performance data, and that vendor’s code running …
Eloquent JavaScript Third Edition - 4 min read
I’m writing a 3rd edition of my freely available book, Eloquent JavaScript. It’ll modernize and further improve the book. Writing is a lot of work, and I know a lot of people appreciate this work, so I hope some of you are interested in chipping in some money to help pay for my time. We’ve reached the goal! Thank you all. If you still have money burning a hole in your pocket, consider donating towards the stretch goal. Eloquent JavaScript is the best introduction into any programming language and programming overall. Period. My name is Marijn Haverbeke. Ten years ago, I wrote the first edition of Eloquent JavaScript and put it online. In 2011, a paper version came out, followed by a second edition in 2014. That second edition is three years old now, which in terms of Web technology is ancient. Each of these versions has been publicly available at eloquentjavascript.net. That site attracts over a hundred thousand unique visitors per month, so it is probably reasonable to say that…
Digging for treasure in Aladdin’s source code – Video Game History Foundation - 57 min read
When it was released back in 1993, Disney’s Aladdin for the Sega Genesis (or Mega Drive, depending on which side of the pond you lived on through the early 90’s) was really a visually striking game. Powered by what eventually became known as “Digicel” technology, along with a solid selection of middleware and some impressive talent, Aladdin managed to set itself apart from other Genesis titles of the era. Aladdin’s beautifully hand-crafted, surprisingly well-quantized artwork set new expectations for many in the realm of what could be accomplished on Genesis hardware. It did so not by leveraging any particularly fancy raster effects or obscure hardware techniques, but rather by pairing effective artwork and design with just the right technology. This unique blend of artwork and technology is a large part of what gives Aladdin a special place in video game history. It’s also a large part of what made it such a joy to discover an archive featuring the complete source code for the game …
Death of the Nile - 15 min read
The world’s longest river is sick - and getting sicker Booming populations have dirtied and drained it, while climate change threatens to cut its flow. And some fear that competition over its dwindling waters could trigger a regional conflict. The rot starts at the source. For as long as the Nile has flowed, Ethiopia’s rains have made up the great bulk – over 80% – of its waters. Fat droplets pour down from July to September, not stopping until the roads have been churned into impassable bogs. Small inland seas emerge almost overnight, slicing the Amhara Plateau into a maze of soggy islets. Gushing out of a forest just south of Lake Tana, the Blue Nile greedily soaks up this bounty, quickly swelling from a stream to a torrent. Though slightly longer, the White Nile, which originates in East Africa’s Lake Victoria and merges with the Ethiopian branch at Khartoum, carries a fraction of the volume. But these rains are not falling as they used to. And that is potentially catastro…

Data Structures and Algorithms (DSA): The Intuitive Guide - 2 min read
This is not a freaking textbook. No confusing academic jargon. No long lists of properties to memorize. No proofs. Because that stuff doesn’t help you actually get it. Here’s what does: Learning what to picture in your head when you think of a dynamic array or a hash map. Learning how to think in algorithms. That’s what this guide is focused on—giving you a visual, intuitive sense for how data structures and algorithms actually work. So if you’ve got a big coding interview coming up, or you never learned data structures and algorithms in school, or you did but you’re kinda hazy on how some of this stuff fits together… This guide will fill in the gaps in your knowledge and make you say, “Oooh, that’s how that works.” We’ll walk you through it all, step by step. Starting from the beginning. Learn how to compare the efficiency of different approaches to a problem. Build the main data structures from the ground up. Learn when to use an array vs. a linked list vs. a hash map. Log…

Data Structure Visualization - 1 min read
…
CryptoKitties - 1 min read
…
Craig Kerstiens - 4 min read
I’ve always felt an affinity for you in my 9 years of working with you. I know others have known you longer, but that doesn’t mean they love you more. Years ago when others complained about your rigidness or that you weren’t as accommodating as others I found solace in your steadfast values: Move forward with a balancing act between new fads of the day while still continuously improving You’ve been there and seen it all. Years ago you were being disrupted by XML databases. As companies made heavy investment into what such a document database would do for their organization you proceeded to “simply” add a datatype that accomplished the same and brought your years of progress along with it. In the early years you had the standard format of index b-tree that most database engines leveraged. Then quietly but confidently you started adding more. Then came K-nearest neighbor, generalized inverted indexes (GIN), and generalized search-tree (GiST), only to be followed by space partitioned G…
Colorizing B&W Photos with Neural Networks - 24 min read
Earlier this year, Amir Avni used neural networks to troll the subreddit /r/Colorization - a community where people colorize historical black and white images manually using Photoshop. They were astonished with Amir’s deep learning bot - what could take up to a month of manual labour could now be done in just a few seconds. I was fascinated by Amir’s neural network, so I reproduced it and documented the process. First off, let’s look at some of the results/failures from my experiments (scroll to the bottom for the final result). Today, colorization is done by hand in Photoshop. To appreciate all the hard work behind this process, take a peek at this gorgeous colorization memory lane video. In short, a picture can take up to one month to colorize. It requires extensive research. A face alone needs up to 20 layers of pink, green and blue shades to get it just right. This article is for beginners. Yet, if you’re new to deep learning terminology, you can read my previous two posts [1][2…
Breaking WPA2 - 24 min read
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become ava…
Bomb kills journalist who exposed Malta's ties to tax havens - 7 min read
The wreckage of the car of investigative journalist Daphne Caruana Galizia lies next to a road in the town of Mosta, Malta, Monday, Oct. 16, 2017. Malta’s prime minister says a car bomb has killed an investigative journalist on the island nation. Prime Minister Joseph Muscat said the bomb that killed reporter Daphne Caruana Galizia exploded Monday afternoon as she left her home in a town outside Malta’s capital, Valetta. (AP Photo/Rene Rossignaud) This undated photo shows Daphne Caruana Galizia, a Maltese investigative journalist who exposed her island nation’s links with the so-called Panama Papers. Galizia was killed on Monday, Oct. 16, 2017, when a bomb destroyed her car as she was driving near her home in Mosta, a town outside Valletta, Malta’s capital, Prime Minister Joseph Muscat said. (The Malta Independent via AP) An ambulance is parked along the road where a car bomb exploded killing investigative journalist Daphne Caruana Galizia, in the town of Mosta, Malta, Monday, Oct. 1…

Ask HN: How do I find meaningful work? - 2 min read
I look around and I feel like all the startups are either bullshit or making the world worse off. I’ve been a software engineer and data scientist. I’ve worked with machine learning. What should I do next?I’m sick of working with advertising-based businesses because I believe advertising is convincing people to buy useless shit. I don’t want to work in health, because the government and insurance have fucked up the healthcare system, and I don’t want to be part of it. I kinda like fin-tech, but it seems at the end of the day about make rich people richer and/or getting poor people to pollute more. I’ve thought about heading more towards pure research, but I want to know I’m doing something for a good purpose. I’m also totally sick of the ideological crap at lots of startups. I don’t want to have to drink the kool-aid. Neither do I want to work for some large corporate machine.I want there to be real values behind what I’m working on that I can believe in. Despite claims to contrary, I …
Ask HN: Developers who became engineering managers, how was the experience? - 1 min read
Ask HN: Developers who became engineering managers, how was the experience? How was the new role challenging? What skill-sets from earlier were important in the transition?…
Ask HN: Are Glassdoor reviews a reliable indicator of a company's culture? - 1 min read
Ask HN: Are Glassdoor reviews a reliable indicator of a company’s culture? A particularly negative review of a London startup[0] by a former employee has been doing the rounds on social media recently. Perhaps unsurprisingly, a couple of extremely positive reviews by current employees have suddenly cropped up for that company as well. So positive they feel a bit like HR plants. But then again, the original feels like a gleeful hatchet-job and is maybe a bit extreme going the other way. Is Glassdoor reliable, and if not, are there any reliable alternatives?…
Announcing Rust 1.21 - 5 min read
The Rust team is happy to announce the latest version of Rust, 1.21.0. Rust is a systems programming language focused on safety, speed, and concurrency. If you have a previous version of Rust installed, getting Rust 1.21 is as easy as: If you don’t have it already, you can get rustup from the appropriate page on our website, and check out the detailed release notes for 1.21.0 on GitHub. This release contains some very minor, but nice-to-have features, as well as some new documentation. First up, a small change to literals. Consider code like this: In Rust, this code is synonymous with: That is, the 5 here will be stored on the stack, or possibly in registers. x will be a reference to it. However, given that it’s a literal integer, there’s no reason that it has to be local like this. Imagine we had a function that took a ‘static argument, like std::thread::spawn. You might use x like this: In previous versions of Rust, this would fail to compile: Because the 5 is local, so i…
Active cooling your Raspberry Pi 3 - 5 min read
The Raspberry Pi 3 tends to overheat when pushed to its limits. When the processor’s internal temperature approaches 85 degrees Celsius, it protects itself by clocking down or shutting down completely, and the performance of our AI models takes a hit. These infra-red images show a Pi running idle (left) and after a few minutes of running a compute-intensive AI model (right). Notice that the main processor heats up much more than any of the other components on the board. Some cooling kits for the Raspberry Pi include heatsinks for the other components, but these infra-red images suggest that we should really focus on cooling the processor. In this tutorial, we will build a simple and effective active cooling solution for the Raspberry Pi 3. * Adafruit Aluminum Heat Sink for Raspberry Pi 3 - 15 x 15 x 15mm (comes with a thermally conductive sticker), or equivalent. * Adafruit Miniature 5V Cooling Fan for Raspberry Pi (comes with mouting screws and nuts), or equivalent 5V 0.2A DC brush…
ACME Support in Apache HTTP Server Project - 2 min read
We’re excited that support for getting and managing TLS certificates via the ACME protocol is coming to the Apache HTTP Server Project (httpd). ACME is the protocol used by Let’s Encrypt, and hopefully other Certificate Authorities in the future. We anticipate this feature will significantly aid the adoption of HTTPS for new and existing websites. We created Let’s Encrypt in order to make getting and managing TLS certificates as simple as possible. For Let’s Encrypt subscribers, this usually means obtaining an ACME client and executing some simple commands. Ultimately though, we’d like for most Let’s Encrypt subscribers to have ACME clients built in to their server software so that obtaining an additional piece of software is not necessary. The less work people have to do to deploy HTTPS the better! ACME support being built in to one of the world’s most popular Web servers, Apache httpd, is great because it means that deploying HTTPS will be even easier for millions of websites. It’s…

A.G. Schneiderman Announces $375,000 Settlement With Flatiron Computer Coding School For Operating Without A License And For Its Employment And Salary Claims - 4 min read
A. G. SCHNEIDERMAN ANNOUNCES $375,000 SETTLEMENT WITH FLATIRON COMPUTER CODING SCHOOL FOR OPERATING WITHOUT A LICENSE AND FOR ITS EMPLOYMENT AND SALARY CLAIMS A. G. Schneiderman Encourages New Yorkers To Report Deceptive Conduct At For-Profit Schools To His Office NEW YORK–Attorney General Eric T. Schneiderman today announced a $375,000 settlement with Flatiron School, Inc. (“Flatiron”), a New York city-based coding school that operated without a license from the New York State Education Department (“SED”) and improperly marketed and promoted its job placement rate and the average starting salary of its graduates. Today’s settlement follows a series of groundbreaking actions taken by the Attorney General’s Office hold for-profit colleges accountable and to provide relief to victimized students. Under today’s agreement, Flatiron will pay $375,000 in restitution to eligible graduates who file complaints against the coding school with the Attorney General’s Office within three months …

A digital logic simulator - 2 min read
Dear BOOLR users, Last year we wanted to make a working computer in a simulator for a school project. We had learned something about digital logic, and we planned to build a computer in a digital logic simulator. We had tried many simulators, but we couldn’t find what we were looking for. That’s why we decided to make our own simulator, BOOLR, with electron and JavaScript. Because we were quite new to programming, it was quite buggy and slow, but it was much better looking and easier to use than other simulators. Now, one year later, we have gained much more programming experience and we decided to start building a second version that is stable and fast enough for professional use. We are really excited for this project. We have huge plans and it will take a lot of time, but we hope we can make a lot of people happy with it and help people learn more about digital electronics. If you have any suggestion for new features or changes, please do not hesitate to contact us on GitHub…
526: Invalid SSL certificate - 1 min read
The origin web server does not have a valid SSL certificate. What can I do? If you’re a visitor of this website: Please try again in a few minutes. If you’re the owner of this website: The SSL certificate presented by the server did not pass validation. This could indicate an expired SSL certificate or a certificate that does not include the requested domain name. Please contact your hosting provider to ensure that an up-to-date and valid SSL certificate issued by a Certificate Authority is configured for this domain name on the origin server. Additional troubleshooting information here….
500 Data Structures and Algorithms practice pro... - 27 min read
This page may be out of date. Save your draft before refreshing this page. Submit any pending changes before refreshing this page. 500 Data Structures and Algorithms practice problems and their solutionsFind pair with given sum in the array Check if subarray with 0 sum is exists or not Find sub-array with 0 sum Rearrange the array with alternate high and low elements Sort binary array in linear time Sort an array containing 0’s, 1’s and 2’s (Dutch national flag problem) Shuffle a given array of elements (Fisher–Yates shuffle) Find equilibrium index of an array Find majority element in an array (Boyer–Moore majority vote algorithm) Move all zeros present in the array to the end Inplace merge two sorted arrays Merge two arrays by satisfying given constraints Find maximum length sub-array having given sum Find maximum length sub-array having equal number of 0’s and 1’s Find index of 0 to replaced to get maximum length sequence of continuous ones Find maximum product of t…
0.1.1 Release Notes · The Zig Programming Language - 4 min read
This is the first beta release of Zig. Zig is a new programming language that is designed to replace C. Zig can be used to integrate closely with existing C code, or independently, without libc. Zig has numerous cases of assertions built into the language itself, such as asserting that arithmetic overflow will not happen for most operations. When an assertion fails with safety checks enabled, the program crashes; this helps catch bugs. When an assertion fails with safety checks disabled, undefined behavior ensues; this helps optimization. In LLVM, bitshifting too far is undefined behavior. Zig requires that you bitshift by a number whose type is the exactly correct size. For shifting a 32-bit integer, you must shift by a 5-bit integer. Out-of-memory situations are commonly treated with crashes in most development communities. In Zig, this corner case needs to be supported. All standard library APIs return errors for out-of-memory situations, and when you call a function that c…
- 1 min read
… image:
UK spies using social media data for mass surveillance - 5 min read
Privacy rights group Privacy International says it has obtained evidence for the first time that UK spy agencies are collecting social media information on potentially millions of people. It has also obtained letters it says show the intelligence agencies’ oversight body had not been informed that UK intelligence agencies had shared bulk databases of personal data with foreign governments, law enforcement and industry — raising concerns about effective oversight of the mass surveillance programs. The documents have come out as a result of an ongoing legal challenge Privacy International has brought against UK intelligence agencies’ use of bulk personal data collection as an investigatory power. (The group also has various other active legal challenges, including to state hacking). It says now that the Investigatory Powers Commissioner’s Office (IPCO) oversight body “sought immediate inspection when secret practices came to light” as a result of its litigation. The use by UK spooks …

Google commits $1 billion in grants to train U.S. workers for high-tech jobs - 3 min read
The nature of work is changing on a global level at a rapid pace. Sure, it’s not the first time work has been dramatically impacted by technology, but the growth of automation, robotics, AI and the like have the potential to displace jobs at an unprecedented rate. And Google will almost certainly be one of the driving forces behind that transformation. The search giant has regularly expressed a desire to help stem some of that negative impact, and now it’s putting its money where its mouth is to the tune of $1 billion. CEO Sundar Pichai announced Grow with Google at an event earlier today in Pittsburgh, PA. Over the next five years, the initiative will commit $1 billion to nonprofits aimed at training American workers and helping build business. The location of the event will not be lost on anyone who has followed Pittsburgh’s growth over the last few decades. The Steel City has long served as an ideal example of an economy that’s rebounded from the brink of disaster. In Pittsburgh’s…

Facebook acquires anonymous teen compliment app tbh, will let it run - 7 min read
Facebook wants tbh to be its next Instagram. Today, Facebook announced it’s acquiring positivity-focused polling startup tbh and will allow it to operate somewhat independently with its own brand. tbh had scored 5 million downloads and 2.5 million daily active users in the past nine weeks with its app that lets people anonymously answer kind-hearted multiple-choice questions about friends who then receive the poll results as compliments. You see questions like “Best to bring to a party?,” “Their perseverance is admirable?” and “Could see becoming a poet?” with your uploaded contacts on the app as answer choices. tbh has racked up more than 1 billion poll answers since officially launching in limited states in August, mostly from teens and high school students, and spent weeks topping the free app charts. When we profiled tbh last month in the company’s first big interview, co-creator Nikita Bier told us, “If we’re improving the mental health of millions of teens, that’s a success to …

Steve Wozniak announces tech education platform Woz U - 2 min read
Steve Wozniak, the Apple co-founder who changed the world alongside Steve Jobs, has today announced the launch of Woz U. According to the release, Woz U will start as an online learning platform focused on both students and companies that will eventually hire those students. Woz U is based out of Arizona, and hopes to launch physical locations for learning in more than 30 cities across the globe. At launch, the curriculum will center around computer support specialists and software developers, with courses on data science, mobile applications and cybersecurity coming in the future. Alongside the education platform, Woz U will also offer platforms for tech companies to recruit, train and retain their workforce through on-site customized programs and subscription-based curricula. There also will be a platform for K-12 students, which will be distributed to school districts, that will offer STEAM programs to identify talent and nudge those individuals into a tech-based career. And if …
![]()
IGN acquires pay-what-you-want game shop Humble Bundle - 3 min read
Online media giant IGN has acquired Humble Bundle, the indie games storefront best known for its pay-what-you-want bundles that raise money for charity. The company says nothing will change for users and that “we will keep our own office, culture, and amazing team with IGN helping us further our plans.” Humble Bundle started in 2010, its first bundle (the Humble Indie Bundle) comprising World of Goo, Gish, Aquaria and several other notable indie games, for which users could pay anything from a nickel to well over retail price. With 138,000 purchases paying an average of just over $9, it raised $1.27 million, with a significant portion going to charity (Child’s Play, if I remember correctly). Since then there have been dozens upon dozens of bundles and sales, with the company branching out to e-books and music as well as games. Over $100 million has been raised for charity since the company started up, and a similar amount for the developers involved — an optional small percentage cou…

Hyperloop One becomes ‘Virgin Hyperloop One’ with Virgin Group investment - 2 min read
Hyperloop One has received a significant investment in Hyperloop One — the official figure hasn’t been revealed, but it’s enough that the Hyperloop tech startup, which aims to create networks of high-speed transportation tunnels to various locales across the globe, has changed its name. Virgin Hyperloop One is the entity’s official moniker going forward, which is quite a mouthful. Virgin Hyperloop One’s rebrand will mean it gains from association with Virgin Group founder Richard Branson, whose high-tech transportation exploits include Virgin Galactic and other space-based ventures. The goal of the company under the rebrand remains the same, and it’ll continue to explore the best places and partners for deploying its high-speed transportation tech, which will zoom pods at high speed down extremely low-pressure tubes to reduce trip times over land from hours to minutes. The money isn’t the only connection between Hyperloop One and Virgin; the Hyperloop company’s president of engineeri…

release50 - 6 min read
DragonFly version 5.0 brings the first bootable release of HAMMER2, DragonFly’s next generation file system. The details of all commits between the 4.8 and 5.0 branches are available in the associated commit messages for 5.0.0rc1, 5.0.0rc2, and 5.0.0. Preliminary HAMMER2 support has been released into the wild as-of the 5.0 release. This support is considered EXPERIMENTAL and should generally not yet be used for production machines and important data. The boot loader will support both UFS and HAMMER2 /boot. The installer will still use a UFS /boot even for a HAMMER2 installation because the /boot partition is typically very small and HAMMER2, like HAMMER1, does not instantly free space when files are deleted or replaced. DragonFly 5.0 has single-image HAMMER2 support, with live dedup (for cp’s), compression, fast recovery, snapshot, and boot support. HAMMER2 does not yet support multi-volume or clustering, though commands for it exist. Please use non-clustered single images for…
Home - 3 min read
Cigarette filters, you find them in the park next to you in the grass, in dirty ditches and under your shoes. What if we could find a way to collect these butts from all corners of our city and precious parks? With crows, that have become perfectly adapted to city life, we can! By training crows to recognize and pick up cigarette filters we can solve this tenacious problem of city pollution. It is the Crowbar that does the training for us and gives out food as a reward. Want to know more? Please scroll down! In the Netherlands every year more than 6 billion cigarette filters are tossed onto the street. It’s easy to toss, but it’s not easy to pick them up. Since each filter takes 12 years to degrade we realised it’s time to take action. Through observation we concluded crows are the smartest around us to reach any spot in the city. What if crows can bring cigarette filters to one of our Crowbars to exchange the filter for food? This is how our adventure started. 98 percent of cigaret…

meet the new Google Calendar for web - 3 min read
Check your schedule. Starting today, a fresh look and new features are coming to Google Calendar on the web to help you manage your time more efficiently and get more done. We’re taking a lot of what you know and love from Calendar’s mobile application, like the modern color palette and sleek design, and bringing it to the web with a responsive layout that auto-adjusts to your screen size. We’ve also added more features for enterprises to help teams schedule and prepare for meetings. Over the years, you’ve shared valuable feedback on how we can enhance Calendar to better fit your needs and we’re excited to bring new improvements. Now, it’s even easier to manage your schedule at your desk. In the new Calendar for web, you can:See conference room details when booking a room. G Suite admins can now enter detailed information about their organization’s meeting rooms—so employees know where a conference room is located, how large it is, and whether it has audio/video equipment or is wheelc…

Why we switched from Python to Go - 13 min read
Switching to a new language is always a big step, especially when only one of your team members has prior experience with that language. Early this year, we switched Stream’s primary programming language from Python to Go. This post will explain some of the reasons why we decided to leave Python behind and make the switch to Go. Go is extremely fast. The performance is similar to that of Java or C++. For our use case, Go is typically 30 times faster than Python. Here’s a small benchmark game comparing Go vs Java. For many applications, the programming language is simply the glue between the app and the database. The performance of the language itself usually doesn’t matter much. Stream, however, is an API provider powering the feed infrastructure for 500 companies and more than 200 million end users. We’ve been optimizing Cassandra, PostgreSQL, Redis, etc. for years, but eventually, you reach the limits of the language you’re using. Python is a great language but its performance is…

WePay’s Next Chapter - 4 min read
It’s a cliché to say that startups are rollercoasters. But it’s a cliché because it’s true. The past 9 years have been the most intense of my life. The WePay team has navigated pivots, faced near-death experiences, celebrated marriages & babies, posted big wins, raised millions, forged company-defining partnerships, welcomed new faces, and mourned the losses of colleagues and friends. We’ve processed a lot of payments too – helping countless small businesses get paid faster and easier, and helping people and causes raise billions for those in need. Through it all, the WePay community and its commitment to each other has elevated the highs and bound us together in the lows. For that, I am eternally thankful to the amazing and unique group of people I am so privileged to call colleagues. Of all the titles I’m fortunate to hold, teammate is my favorite. Today, I’m excited because we’re beginning a new chapter in the WePay journey. We are beginning the work to combine our talent and te…

Surprise! The Pixel 2 is hiding a custom Google SoC for image processing - 4 min read
Sign in Sign up or login to join the discussions! Sign up to comment and more Sign up Two SoCs is better than one — Surprise! The Pixel 2 is hiding a custom Google SoC for image processing Google’s 8-core Image Processing Unit will be enabled with Android 8.1. Enlarge Google’s Pixel Visual Core, an SoC designed for image processing and machine learning. Google’s newest flagship smartphone, the Pixel 2, is nearly out. The company has been talking a big game about the 2’s camera and calling it, definitively, “the best smartphone camera.” But Google has been keeping a huge secret under wraps: the Pixel 2 has a custom, Google-designed SoC dedicated exclusively to camera image processing. The SoC is not active yet, but Google claims it will make the Pixel 2 process photos faster and more efficiently than ever. In addition to the usual Qualcomm Snapdragon 835 SoC, the Pixel 2 is equipped with the “Pixel Visual Core,” an extra, second SoC designed by Google with hardware-accelera…

Introducing Surface Book 2, the most powerful Surface Book ever - 8 min read
When you think about Microsoft and you hear our mission – to empower every person and every organization on the planet to achieve more – it’s powerful. As product makers, we have to believe in the reasons we build our products. From Office to Windows to Surface, this is a notion that drives us. As a team we work together to create products with seamless interactions from the silicon to the software. You see this across the entire Surface family – Pen, Dial, touch, voice – they opened so many doors to allow people to work and create in new ways. When we launched Surface Book two years ago we set out to build the most powerful and versatile laptop, to breakdown the boundaries between what you can imagine and what you can create, and we’ve been so inspired by how people have used Surface Book through their entire creative process. But people still want more, and creators continue to push the limits of what technology can do. So, we built the laptop of the future for the creators making…

Hotswapping Haskell - 14 min read
This is a guest post by Jon Coens. Jon worked on the Haxl project since the beginning in 2013, and nowadays he works on broadening Haskell use within Facebook. From developing code through deployment, Facebook needs to move fast. This is especially true for one of our anti-abuse systems that deploys hundreds of code changes every day. Releasing a large application (hundreds of Kloc) that many times a day presents plenty of intriguing challenges. Haskell’s strict type system means we’re able to confidently push new code knowing that we can’t crash the server, but getting those changes out to many thousands of machines as fast as possible requires some ingenuity. Given the application size and deployment speed constraints: * Building a new application binary for every change would take too long * Starting and tearing down millions of heavy processes a day would create undue churn on other infrastructure * Splitting the service into multiple smaller services would slow down developer…
Google's 'Advanced Protection' Locks Down Accounts Like Never Before - 7 min read
When it comes to the eternal tradeoff between digital security and convenience, most tech firms focus their efforts on the vast majority of people who choose a painless user experience over a paranoid one. But Google is adding a set of features specifically targeted at those who prefer the latter. You can now lock down your account to a degree that no other major tech firm has ever offered directly to users, convenience be damned. On Tuesday, Google announced the launch of a new “advanced protection” setting for Google accounts, which makes it harder than ever for hackers to break into your sensitive data on Gmail, Google Drive, YouTube or any other Google property. The opt-in, ultra-secure mode is intended for truly high-risk users, including those who face the threat of state-sponsored, highly resourced cyberespionage. Think politicians and officials, high net-worth individuals, activists, dissidents, and journalists. As such, it’s a strict and unforgiving system, designed to reinf…

Choosing between names and identifiers in URLs - 12 min read
Product updates, customer stories, and tips and tricks on Google Cloud Platform API design: Choosing between names and identifiers in URLs If you’re involved in the design of web APIs, you know there’s disagreement over the style of URL to use in your APIs, and that the style you choose has profound implications for an API’s usability and longevity. The Apigee team here at Google Cloud has given a lot of thought to API design, working both internally and with customers, and I want to share with you the URL design patterns we’re using in our most recent designs, and why. When you look at prominent web APIs, you’ll see a number of different URL patterns. Here are two API URLs that exemplify two divergent schools of thought on URL style: https://ebank.com/accounts/a49a9762-3790-4b4f-adbf-4577a35b1df7 https://library.com/shelves/american-literature/books/moby-dick The first is an anonymized and simplified version of a real URL from a U. S. bank where I have a checking account. The s…

Alphabet’s Sidewalk Labs strikes deal to turn 800 acres of Toronto into an ‘internet city’ - 3 min read
Sidewalk Labs, the smart city subsidiary of Alphabet with the stated goal of “reimagining cities from the Internet up,” now has a very big sandbox in which to conduct its high-tech experiments. The Google spinoff announced a deal with the city of Toronto to develop 800 acres of waterfront property into its own digital utopia. Waterfront Toronto, a city agency tasked with overseeing the development along the shore of Lake Ontario, is teaming up with Sidewalk Labs to create a new venture called Sidewalk Toronto. On Tuesday, Canadian Prime Minister Justin Trudeau joined top executives from Alphabet, including executive chairman Eric Schmidt, to announce the deal, which includes a $50 million commitment from Sidewalk Labs for the installation and testing of the company’s smart city technology. The cost of the project, currently dubbed Quayside, is likely to run over $1 billion, according to an earlier report by The Wall Street Journal. “Today’s announcement is about creating a new type o…
![]()
daniel.haxx.se - 6 min read
The Polhem Prize (Polhemspriset in Swedish), is awarded “for a high-level technological innovation or an ingenious solution to a technical problem.” The Swedish innovation must be available and shown competitive on the open market. This award has been handed out in the name of the scientist and inventor Christopher Polhem, sometimes called the father of Swedish engineering, since 1878. It is Sweden’s oldest and most prestigious award for technological innovation. I first got the news on the afternoon on September 24th and I don’t think I exaggerate much if I say that I got a mild shock. Me? A prize? How did they even find me or figure out what I’ve done? I get this award for having worked on curl for a very long time, and by doing this having provided an Internet infrastructure of significant value to the world. I’ve never sold it nor earned much of commercial income from this hobby of mine, but my code now helps to power an almost unimaginable amount of devices, machines and other …
Wall Street Revisits the Crash of '87 - 35 min read
On Wall Street, when things decline, you tend to remember. When things decline a lot, you remember the date. Oct. 19, 1987, is one such example. The biggest single-day stock market collapse in history—a 23 percent drop—rendered once-trusted ideas useless and redefined the financial landscape for market professionals. One of them was a rising Salomon Brothers bond salesman named Michael Lewis, who had yet to pen Liar’s Poker. “The markets in a panic are like a country during a coup, and seen in retrospect that is how they were that day,” he would later write of the chaos he witnessed. “One small group of people with its old, established way of looking at the world is hustled from its seat of power.” Black Monday, as the day became known, is part of financial history’s fossil record, a divide between old and new markets. It was the first significant instance of computer-driven trading run amok. The nascent equity options market saw assumptions based on the Black-Scholes model overturne…

The great thaw of America’s north is coming - 13 min read
Vladimir Romanovsky walks through the dense black spruce forest with ease. Not once does he stop or slow down to balance himself on the cushy moss beneath his feet insulating the permafrost. It’s a warm day in July, and the scientist is looking for a box that he and his team have installed on the ground. It’s hidden nearly six miles (10km) north of the Geophysical Institute at the University of Alaska in Fairbanks, where he’s a professor of geophysics and heads the Permafrost Laboratory. The box, which is covered by tree branches, contains a data collector connected to a thermometer installed below ground for measuring permafrost temperature at different depths. Permafrost is any earth material that remains at or below 0C (32F) for at least two consecutive years. Romanovsky connects his laptop to the data collector to transfer the temperature data for this location – called Goldstream III – which he will later add to an online database accessible to both scientists and interested in…

The War To Sell You A Mattress Is An Internet Nightmare - 31 min read
The War To Sell You A Mattress Is An Internet NightmareWhy did Casper sue a mattress blogger? A closer look reveals a secret, multimillion-dollar battle to get you into bed. One day in the spring of 2016 I mentioned to a friend that I needed a new mattress. Mine was a sunken hand-me-down that had become about as comfortable as concrete.“I know a guy who can give you a free mattress,” my friend said. This sounded too good to be believed, but my friend protested it was true: “This guy Kenny, he reviews mattresses online, and companies just send them to him. He can’t get rid of them fast enough.” Not long after came the email introduction: “David, meet Kenny.”Journalists aren’t supposed to accept freebies. But the one thing I was certain of was that I would never write an article about online mattress reviewing, a subject so self-evidently boring that I became a little sad just imagining it. So when Kenny replied that he expected to have a mattress to offload soon, I only asked him what …

The Long-Term Stock Exchange Is Worth a Shot - 4 min read
Here is a theory of stock prices. The value of a share of a company is equal to the market’s expectation of the present value of its future free cash flows. If the company does something that will permanently increase its earnings power in the future, that will increase the price of its stock. If the company pursues a short-term gain at the expense of its long-term prospects, that will decrease the price of its stock, because the bulk of a share’s value comes not from this quarter’s earnings but from earnings over the entire future. As a theory of stock prices, this has the advantage of being (1) very, very standard economics and (2) kind of intuitive. (A popular alternative theory – that stock prices reflect only very near-term events and ignore the future – requires investors to be, collectively, very stupid.) It has the disadvantage of being somewhat debatable, empirically, but it is not obvious that the alternative theories are any stronger there. One basic and important implic…

Space out with planets in Google Maps - 2 min read
Twenty years ago, the spacecraft Cassini launched from Cape Canaveral on a journey to uncover the secrets of Saturn and its many moons. During its mission, Cassini recorded and sent nearly half a million pictures back to Earth, allowing scientists to reconstruct these distant worlds in unprecedented detail. Now you can visit these places—along with many other planets and moons—in Google Maps right from your computer. For extra fun, try zooming out from the Earth until you’re in space! Explore the icy plains of Enceladus, where Cassini discovered water beneath the moon’s crust. Peer beneath the thick clouds of Titan to see methane lakes. Inspect the massive crater of Mimas—while it might seem like a sci-fi look-a-like, it is a moon, not a space station. Special thanks goes to astronomical artist Björn Jónsson, who assembled the planetary maps of Europa, Ganymede, Rhea, and Mimas by working with imagery from NASA and the European Space Agency. The fun doesn’t stop there—we’ve added Plu…

Serious flaw in WPA2 protocol lets attackers intercept passwords and much more - 8 min read
Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting. The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks ahead of a coordinated disclosure that was scheduled for 8am Monday, East Coast time. A website disclosing the vulnerability said it affects the core WPA2 protocol itself and is effective against devices running Android, Linux, and OpenBSD, and to a lesser extent macOS and Windows, as well as MediaTek Linksys, and other types of devices. The site warned that attackers can exploit the flaw to decrypt a wealth of sensitive data that’s normally encrypted by the nearly ubiquitous Wi-Fi encryption protocol. “This can be abused to steal sen…

Ophelia became a major hurricane where no storm had before - 2 min read
The system formerly known as Hurricane Ophelia is moving into Ireland on Monday, bringing ”status red” weather throughout the day to the island. The Irish National Meteorological Service, Met Éireann, has warned that, “Violent and destructive gusts of 120 to 150km/h are forecast countrywide, and in excess of these values in some very exposed and hilly areas. There is a danger to life and property.” Ophelia transitioned from a hurricane to an extra-tropical system on Sunday, but that only marginally diminished its threat to Ireland and the United Kingdom on Monday, before it likely dissipates near Norway on Tuesday. The primary threat from the system was high winds, with heavy rains. Forecasters marveled at the intensification of Ophelia on Saturday, as it reached Category 3 status on the Saffir-Simpson scale and became a major hurricane. For a storm in the Atlantic basin, this is the farthest east that a major hurricane has been recorded during the satellite era of observations. Addi…

Malta car bomb kills Panama Papers journalist - 6 min read
Daphne Caruana Galizia, a blogger whose investigations focused on corruption, was described as a ‘one-woman WikiLeaks’ Daphne Caruana Galizia, a blogger whose investigations focused on corruption, was described as a ‘one-woman WikiLeaks’ The journalist who led the Panama Papers investigation into corruption in Malta was killed on Monday in a car bomb near her home. Daphne Caruana Galizia died on Monday afternoon when her car, a Peugeot 108, was destroyed by a powerful explosive device which blew the vehicle into several pieces and threw the debris into a nearby field. A blogger whose posts often attracted more readers than the combined circulation of the country’s newspapers, Caruana Galizia was recently described by the Politico website as a “one-woman WikiLeaks”. Her blogs were a thorn in the side of both the establishment and underworld figures that hold sway in Europe’s smallest member state. Her most recent revelations pointed the finger at Malta’s prime minister, Joseph Musc…

Kubernetes - 1 min read
The Docker platform is getting support for Kubernetes. This means that developers and operators can build apps with Docker and seamlessly test and deploy them using both Docker Swarm and Kubernetes. We’re adding Kubernetes support in both Docker Community Edition on the desktop for developers using Windows and macOS, and in Docker Enterprise Edition. The bulk of the Kubernetes integration work happens in the open in the Moby Project….

Just own the damn robots. - 14 min read
Just own the damn robots. …five ranks of ten machines each, swept their tools in unison across steel bars, kicked out finished shafts onto continuous belts…Paul unlocked the box containing the tape recording that controlled them all. The tape was a small loop that fed continuously between magnetic pickups. On it were recorded the movements of a master machinist turning out a shaft for a fractional horsepower motor. He’d been in on the making of the tape, the master from which this one had been made. He had been sent to one of the machine shops to make the recording. The foreman had pointed out the best man – what was his name? – and, joking with the puzzled machinist, had been hooked up to the recording apparatus. Hertz! That had been the machinist’s name – Rudy Hertz, an old timer, who had been about ready to retire.And here, now, this little loop in the box before Paul, here was Rudy as Rudy had been to his machine that afternoon – Rudy, the turner-on of power, the setter of speeds,…

Infineon RSA Key Generation Issue - 2 min read
Infineon Technologies, one of Yubico’s secure element vendors, has informed us of a security issue in their cryptographic firmware library. The issue affects TPMs in millions of computers, and multiple smart card and security token vendors. For Yubico, the issue weakens the strength of on-chip RSA key generation, and affects some use cases for the PIV smart card and OpenPGP functionality of the YubiKey 4 platform. We’ve issued a security advisory on this issue. FIDO U2F, OTP, and OATH functions of the YubiKey 4 platform are not affected. The YubiKey NEO, FIDO U2F Security Key and YubiHSM are not impacted, nor are the deprecated products YubiKey Standard and YubiKey Edge. Externally generated RSA keys are not affected. Yubico estimates that approximately 2% of YubiKey customers utilize the functionality affected by this issue. We have addressed this issue in all shipments of YubiKey 4, YubiKey 4 Nano, and YubiKey 4C, since June 6, 2017. At this time, we are not aware of any security…

Falling through the KRACKs - 7 min read
The big news in crypto today is the KRACK attack on WPA2 protected WiFi networks. Discovered by Mathy Vanhoef and Frank Piessens at KU Leuven, KRACK (Key Reinstallation Attack) leverages a vulnerability in the 802.11i four-way handshake in order to facilitate decryption and forgery attacks on encrypted WiFi traffic. The paper is here. It’s pretty easy to read, and you should. I don’t want to spend much time talking about KRACK itself, because the vulnerability is pretty straightforward. Instead, I want to talk about why this vulnerability continues to exist so many years after WPA was standardized. And separately, to answer a question: how did this attack slip through, despite the fact that the 802.11i handshake was formally proven secure? For a detailed description of the attack, see the KRACK website or the paper itself. Here I’ll just give a brief, high level description. The 802.11i protocol (also known as WPA2) includes two separate mechanisms to ensure the confidentiality and…

Europe's Airbus to take majority stake in Bombardier CSeries program - 5 min read
Bombardier Inc. announced Monday it has sold a majority stake in its CSeries passenger jet business to European aerospace giant Airbus for no cost. The move comes after lacklustre sales and after the U. S. Commerce Department imposed harsh duties on Bombardier, charging the Montreal-based company is selling the CSeries planes in the U.S. below cost and receiving government subsidies. The Commerce Department recently announced it would impose an 80 per cent duty on top of duties of nearly 220 per cent. The case has been a win for U. S.-based rival Boeing. Boeing has said it didn’t move early enough against Airbus subsidies in the 1970s. Airbus is now a global giant. The move by Bombardier could possibly circumvent duties being imposed on the CSeries. The CSeries headquarters will remain in the Montreal area, but a second assembly line for the 100- to 150-seat plane will be set up at Airbus’s facility in Mobile, Ala., so the plane can be sold in the United States. Airbus chief execu…

ESO Telescopes Observe First Light from Gravitational Wave Source - 10 min read
ESO’s fleet of telescopes in Chile have detected the first visible counterpart to a gravitational wave source. These historic observations suggest that this unique object is the result of the merger of two neutron stars. The cataclysmic aftermaths of this kind of merger — long-predicted events called kilonovae — disperse heavy elements such as gold and platinum throughout the Universe. This discovery, published in several papers in the journal Nature and elsewhere, also provides the strongest evidence yet that short-duration gamma-ray bursts are caused by mergers of neutron stars. For the first time ever, astronomers have observed both gravitational waves and light (electromagnetic radiation) from the same event, thanks to a global collaborative effort and the quick reactions of both ESO’s facilities and others around the world. On 17 August 2017 the NSF’s Laser Interferometer Gravitational-Wave Observatory (LIGO) in the United States, working with the Virgo Interferometer in Italy, …

The World Once Laughed at North Korean Cyberpower. No More. - 1 min read
…

The Transaction Costs of Tokenizing Everything - 4 min read
I wonder if Al Gore ever looks down at us peons, crawling around the internet like eight-legged leeches: I invented that. I took the initiative in creating the Internet. Now all these freeloaders are using MY internet protocol to drive billions of dollars worth of value. For FREE. Damn, I should have done an ICO. Even though Al Gore neglected to tokenize his internet protocol*, someone else came along with the next-best thing. The internet is just a bunch of routers and cables, sending and receiving data all day long. Most internet providers have peering agreements, where they carry each other’s traffic for free. Sharing is mutually beneficial, and their customers pay a fixed monthly rate regardless of use. That’s all well and good when capacity is plentiful, but what happens if half the country wants to stream Sunday Night Football while I’m trying to sync my Bitcoin node? Whose data gets to go first? Enron’s bandwidth contracts were designed to solve this potential queueing pro…

Robot drivers are ‘odd, and that’s why they get hit’ - 4 min read
While the public is most afraid of marauding vehicles without a driver behind the wheel, the reality is that the self-driving vehicles are overly cautious. While the public is most afraid of marauding vehicles without a driver behind the wheel, the reality is that the self-driving vehicles are overly cautious. WASHINGTON — As auto accidents go, it wasn’t much: twelve minutes before noon on a cool June day, a Chevrolet Bolt was rear ended as it crawled from a stop light in downtown San Francisco. What made this fender bender noteworthy was the Bolt’s driver: a computer. In California, where companies like Cruise Automation and Waymo are ramping up testing of self-driving cars, human drivers keep running into them in low-speed fender benders. The run-ins highlight an emerging culture clash between humans who often treat traffic laws as guidelines and autonomous cars that refuse to roll through a stop sign or exceed the speed limit. “They don’t drive like people. They drive like robo…

My 20-Year Experience of Software Development Methodologies - 10 min read
Recently I read Sapiens: A Brief History of Humankind by Yuval Harari. The basic thesis of the book is that humans require ‘collective fictions’ so that we can collaborate in larger numbers than the 150 or so our brains are big enough to cope with by default. Collective fictions are things that don’t describe solid objects in the real world we can see and touch. Things like religions, nationalism, liberal democracy, or Popperian falsifiability in science. Things that don’t exist, but when we act like they do, we easily forget that they don’t. This got me thinking about some of the things that bother me today about the world of software engineering. When I started in software 20 years ago, God was waterfall. I joined a consultancy (ca. 400 people) that wrote very long specs which were honed to within an inch of their life, down to the individual Java classes and attributes. These specs were submitted to the customer (God knows what they made of it), who signed it off. This was then bui…

Haskell Typeclasses vs. C++ Classes - 10 min read
Classes from Object-Oriented Programming languages such as C++ allow types to declare a pre-selected list of overridable functions. Typeclasses in Haskell are a general-purpose way to write functions whose implementations change depending on the type of a parameter. They’re used very differently in practice, but this article will: * Show that Haskell constructs a very similar data structure in typeclass-using code C++ has the concept of a “class” - a record together with functions that manipulate it. The class creates a new namespace for the functions, so that different classes can have functions with the same name. Each function also takes the record as an implicit argument. Here is an example of a class: and here is how it might translate into C: A C++ compiler infers the namespace from a variable’s type, while a C programmer would have to remember which variant of f he wanted to invoke. C++ also supports subtyping: x is a subtype of y if every record field and function in y …
The impossible dream of USB-C – Marco.org - 5 min read
I love the idea of USB-C: one port and one cable that can replace all other ports and cables. It sounds so simple, straightforward, and unified. In practice, it’s not even close. USB-C normally transfers data by the USB protocol, but it also supports Thunderbolt… sometimes. The 12-inch MacBook has a USB-C port, but it doesn’t support Thunderbolt at all. All other modern MacBook models support Thunderbolt over their USB-C ports… but if you have a 13-inch model, and it has a Touch Bar, then the right-side ports don’t have full Thunderbolt bandwidth. If you bought a USB-C cable, it might support Thunderbolt, or it might not. There’s no way to tell by looking at it. There’s usually no way to tell whether a given USB-C device requires Thunderbolt, either — you just need to plug it in and see if it works. Much of USB-C’s awesome capability comes from Thunderbolt and other Alternate Modes. But due to their potential bandwidth demands, computers can’t have very many USB-C ports, making it …
Fraud Scandals Sap China’s Dream of Becoming a Science Superpower - 8 min read
At the same time, a government investigation highlighted the existence of a thriving online black market that sells everything from positive peer reviews to entire research articles. President Xi Jinping, whose leadership is expected to be reaffirmed at a Communist Party congress that begins next week, has stated his goal of turning China into “a global scientific and technology power” by 2049. But the revelations have been a setback to this effort. China has, of course, made enormous strides in science, research and technology. Worried that its economy is still too dependent on low-end manufacturing, the government is investing hundreds of billions of dollars in developing high-tech industries like semiconductors, solar panels, artificial intelligence, medical technologies and electric cars. China has built extensive infrastructure across the country, with roads, railroads, ports and bridges that exhibit enviable engineering prowess. And it has reshaped many other parts of the worl…

Becoming a Steelworker Liberated Her. Then Her Job Moved to Mexico. - 1 min read
…

fund GIMP development and Libre animation - 4 min read
Too long, didn’t read? In a few words: our GIMP development + ZeMarmot production is currently funded barely above 400 € per month, this doesn’t pay the bills, my main computer broke today and Aryeom’s graphics tablet has been working badly for some time now. We are a bit bummed out. So we call for your help! You can fund GIMP development and ZeMarmot production on Patreon or Tipeee! Read below for more. If you read us regularly, you know that I am hacking GIMP a lot. We are just a handful of regular developers in GIMP, I am one of them. My contributions go from regular bug fixes to bigger features, maintenance of several pieces of code as well as regular code review from contributed patches. I do this in the context of ZeMarmot project, with Aryeom Han, director and animator. We draw on and hack GIMP because we believe in Free Software. On the side, I also contribute to a lot of other Free Software. Our absolutely-not-hidden goal is to be able, one day, to live from hacking Fr…

Wolf Puppies Are Adorable. Then Comes the Call of the Wild. - 2 min read
NICOLET, Quebec — I’m sitting in an outdoor pen with four puppies chewing my fingers, biting my hat and hair, peeing all over me in their excitement. At eight weeks old, they are two feet from nose to tail and must weigh seven or eight pounds. They growl and snap over possession of a much-chewed piece of deer skin. They lick my face like I’m a long-lost friend, or a newfound toy. They are just like dogs, but not quite. They are wolves. When they are full-grown at around 100 pounds, their jaws will be strong enough to crack moose bones. But because these wolves have been around humans since they were blind, deaf and unable to stand, they will still allow people to be near them, to do veterinary exams, to scratch them behind the ears — if all goes well. Yet even the humans who raised them must take precautions. If one of the people who has bottle-fed and mothered the wolves practically since birth is injured or feels sick, she won’t enter their pen to prevent a predatory reaction. No …

What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets? - 3 min read
A couple of years ago, I was heavily involved in analysing and reporting on the massive VTech hack, the one where millions of records were exposed including kids’ names, genders, ages, photos and the relationship to parents’ records which included their home address. Part of this data was collected via an IoT device called the InnoTab which is a wifi connected tablet designed for young kids; think Fisher Price designing an iPad… then totally screwing up the security. Anyway, I read a piece today about VTech asking the court to drop an ongoing lawsuit that came about after the hack. In that story, the writer recalled how VTech has updated their terms and conditions after the attack in an attempt to absolve them of any future responsibility in subsequent attacks. So I gave VTech a suggestion: Hey @vtechtoys, how about put this warning on the box so it can be seen before purchasing? Yeah, didn’t think so… https://t.co/erdFdUp4jS pic.twitter.com/qRUUCmz1SY— Troy Hunt (@troyhunt) Octo…

Twitter Is Crawling With Bots and Lacks Incentive to Expel Them - 8 min read
On Wednesday, the exterior of Twitter’s San Francisco headquarters bore an eerie message: “Ban Russian Bots.” Someone— the company doesn’t know who— projected the demand onto the side of its building. Bots, or automated software programs, can be programmed to periodically send out messages on the internet. Now Twitter is scrambling to explain how bots controlled by Russian meddlers may have been used to impact the 2016 president election. Investigators hoping to mine Twitter data to figure out who was behind the operation are probably out of luck because the company deleted tweets and other user data, Politico reported today, citing unnamed current and former government cybersecurity officials. The news site said federal investigators now believe Twitter was one of Russia’s most potent weapons in its efforts to tip the election to Donald Trump. Twitter’s privacy policies generally dictate that when a user revises or deletes tweets, paid promotions or entire accounts, the company must…

There's No Fire Alarm for Artificial General Intelligence - 41 min read
What is the function of a fire alarm? One might think that the function of a fire alarm is to provide you with important evidence about a fire existing, allowing you to change your policy accordingly and exit the building. In the classic experiment by Latane and Darley in 1968, eight groups of three students each were asked to fill out a questionnaire in a room that shortly after began filling up with smoke. Five out of the eight groups didn’t react or report the smoke, even as it became dense enough to make them start coughing. Subsequent manipulations showed that a lone student will respond 75% of the time; while a student accompanied by two actors told to feign apathy will respond only 10% of the time. This and other experiments seemed to pin down that what’s happening is pluralistic ignorance. We don’t want to look panicky by being afraid of what isn’t an emergency, so we try to look calm while glancing out of the corners of our eyes to see how others are reacting, but of course …

The scientists persuading terrorists to spill their secrets - 32 min read
n 2013, a British man was arrested for planning to kidnap and brutally murder a soldier. The suspect, who had a criminal history, had posted messages on social media in support of violent jihad. In a search of his residence, the police had found a bag containing a hammer, a kitchen knife and a map with the location of a nearby army barracks. Shortly after his arrest, the suspect was interviewed by a counter-terrorist police officer. The interviewer wanted him to provide an account of his plan, and to reveal with whom, if anyone, he has been conspiring. But the detainee – we will call him Diola – refused to divulge any information. Instead, he expounded grandiloquently on the evils of the British state for 42 minutes, with little interruption. When the interviewer attempted questions, Diola responded with scornful, finger-jabbing accusations of ignorance, naivety and moral weakness: “You don’t know how corrupt your own government is – and if you don’t care, then a curse upon you.” Wat…

The scale of tech winners - 7 min read
We all know, I think, that there are now far more smartphones than PCs, and we all know that there are far more people online now than there used to be, and we also, I think, mostly know that big tech companies today are much bigger than the big tech companies of the past. It’s useful, though, to put some real numbers on that, and to get a sense of use how much the scale has changed, and what that means. So, the four leading tech companies of the current cycle (outside China), Google, Apple, Facebook and Amazon, or ‘GAFA’, have together over three times the revenue of Microsoft and Intel combined (‘Wintel’, the dominant partnership of the previous cycle), and close to six times that of IBM. They have far more employees, and they invest far more. (Once can of course quibble with the detail of this - the business models are different and the global scale is different. But scale is scale.)This change is even more striking if you shift the timeline. If you compare GAFA in their current dom…

Tesla fires hundreds after company-wide performance reviews - 5 min read
PALO ALTO – Tesla fired hundreds of workers this week, including engineers, managers and factory workers, even as the company struggles to expand its manufacturing and product line. The dismissals come at a crucial point for the company, which is pushing to increase vehicle production five-fold and reach a broader market with its new Model 3 sedan. The electric vehicle maker missed targets for producing the lower-cost sedan, manufacturing only 260 last quarter despite a wait list of more than 450,000 customers. The company said this week’s dismissals were the result of a company-wide annual review, and insisted they were not layoffs. Some workers received promotions and bonuses, and the company expects to hire for the “vast majority” of new vacancies, a spokesman said. “As with any company, especially one of over 33,000 employees, performance reviews also occasionally result in employee departures,” a spokesman said. “Tesla is continuing to grow and hire new employees around the wor…

Silicon Valley Is Not Your Friend - 1 min read
…
![]()
Purism - 4 min read
Purism plans to utilize Monero’s privacy respecting platform to build a cash-like, digital payment system for Librem 5 smartphone users SAN FRANCISCO, Calif., October 13, 2017 — Purism, maker of security focused hardware and software, today announced a collaboration with Monero, the only secure decentralized currency that is private by default. Purism recently started accepting Monero for payments in its online store, and this is a continuation of the company’s support for the cryptocurrency. As more central services like Equifax are hacked, exposing vulnerable user data in unprecedented ways that cause permanent damage to people’s privacy, it has become clear that centralized, individually identifiable, historic, and permanent digital footprints create a serious threat to digital privacy and human rights. Purism, on the heels of its successful smartphone crowdfunding campaign which has raised more than $1.5 million, is looking to address this threat by incorporating cryptocurrencies…
ProseMirror 1.0 - 4 min read
Two years ago, I started the ProseMirror project because I wanted to take a stab at a better approach to WYSIWYG-style editing. Today, I’m releasing version 1.0 of the library. The architecture and scope of the project have changed quite a bit during its lifetime, but I feel that the original goal has been met. ProseMirror is a Web interface component, and though some of the challenges it tackles are specific to the strengths and (especially) weaknesses of the Web platform, don’t think of it as another TinyMCE alternative. Rather, it is a more general take on rich text editing that happens to be implemented in JavaScript for the browser. Most importantly, ProseMirror is agnostic to the actual document shape, making it possible to build applications on top of this library that in the past would have required a fully custom editor implementation. What I mean by being agnostic to document shape is ProseMirror’s schema feature. The core editor has no built-in opinion about what a d…
Microsoft breaches data protection law with Windows 10 - 5 min read
Microsoft breaches the Dutch data protection law by processing personal data of people that use the Windows 10 operating system on their computers. This is the conclusion of the Dutch Data Protection Authority (DPA) after its investigation of Windows 10 Home and Pro. Microsoft does not clearly inform users about the type of data it uses, and for which purpose. Also, people cannot provide valid consent for the processing of their personal data, because of the approach used by Microsoft. The company does not clearly inform users that it continuously collects personal data about the usage of apps and web surfing behaviour through its web browser Edge, when the default settings are used. Microsoft has indicated that it wants to end all violations. If this is not the case, the Dutch DPA can decide to impose a sanction on Microsoft. In the Netherlands over 4 million active devices use Windows 10 Home and Pro. Microsoft continuously collects technical performance and user data (e.g. which ap…

Invited Talk - 1 min read
Guy L. Steele has been instrumental in designing and documenting several programming languages. Guy has served on accredited standards committees X3J11 (C language) and X3J3 (Fortran), and served as chairman of X3J13 (Common Lisp). He was also a member of the IEEE committee that produced the IEEE Standard for the Scheme Programming Language, IEEE Std 1178-1990. At Thinking Machines Corporation he co-developed the languages Connection Machine Lisp, C*, and Connection Machine Fortran. Whilst at Sun Microsystems (and now at Oracle) he has advised on the evolution of the Java programming language. He is author or co-author of five books: Common Lisp: The Language, C: A Reference Manual, The Hacker’s Dictionary, The High Performance Fortran Handbook, and The Java Language Specification. He has been given the Grace Murray Hopper Award (1988), the ACM SIGPLAN Programming Languages Achievement Award (1996), and the Harry H. Goode Memorial Award (2007)….

I Like Julia Because It Scales and Is Productive: Some Insights From A Julia Developer - 30 min read
In this post I would like to reflect a bit on Julia. These are my personal views and I have had more than a year developing a lot of packages for the Julia programming language. After roaming around many different languages including R, MATLAB, C, and Python; Julia is finally a language I am sticking to. In this post I would like to explain why. I want to go back through some thoughts about what the current state of the language is, who it’s good for, and what changes I would like to see. My opinions changed a lot since first starting to work on Julia, so I’d just like to share the changed mindset one has after using the language deeply. Julia is not only a fast language, but what makes it unique is how predictable the performance and the compilation process is. The language gives you lots of introspection tools to be able to easily isolate issues. The opt-in type checking and allowing many different architectures to be fast is a strong bonus for software development, especially whe…
An essay on the history of mathematical typography - 33 min read
From boiling lead and black art: An essay on the history of mathematical typography Math fonts from six different type systems, courtesy Chalkdust I’ve always felt like constructing printed math was much more of an art form than regular typesetting. Someone typesetting mathematics is less a “typist” and more an artist attempting to render abstract data on a two-dimensional surface. Mathematical symbols are themselves a language, but they are fundamentally a visual representation of human-conceived knowledge—knowledge that would be too inefficient to convey through verbal explanations. This brings the typesetting of mathematics closer to a form of data visualization than regular printed text. No matter how hard it’s ever been to create printed text, creating printed math has always been even harder. In pre-digital times, equation-laden texts were known as “penalty copy” because of the significant additional time and expense it took to set math notation for printing presses. Even whe…
5 things we learned from Waymo’s big self-driving car report - 8 min read
Sign in Sign up or login to join the discussions! Sign up to comment and more Sign up A 43-page safety report suggests Waymo is gearing up to release a product. Waymo just dropped a 43-page white paper called the Waymo Safety Report that provides a wealth of new details about Waymo’s vision for the self-driving car product the company is getting ready to launch. Officially, the document is a regulatory filing with the National Highway Traffic Safety Administration, which has encouraged—but not yet required—the makers of self-driving cars to file a report describing how they expect to deal with a variety of safety issues. But the document is also another part of the public education campaign the company has been running to convince Americans of the benefits of its technology. It’s fundamentally a marketing document rather than a technical one, so it leaves a lot of unanswered questions about exactly how Waymo’s technology will work. Still, it provides a lot of new information—and…

Yemen's cholera outbreak now the worst in history as millionth case looms - 5 min read
Experts predict fastest-spreading cholera epidemic since records began will affect at least 1 million people by turn of year, including at least 600,000 children Experts predict fastest-spreading cholera epidemic since records began will affect at least 1 million people by turn of year, including at least 600,000 children The cholera epidemic in Yemen has become the largest and fastest-spreading outbreak of the disease in modern history, with a million cases expected by the end of the year and at least 600,000 children likely to be affected. The World Health Organization has reported more than 815,000 suspected cases of the disease in Yemen and 2,156 deaths. About 4,000 suspected cases are being reported daily, more than half of which are among children under 18. Children under five account for a quarter of all cases. The spread of the outbreak, which has quickly surpassed Haiti as the biggest since modern records began in 1949, has been exacerbated by hunger and malnutrition. Whil…

World’s first “negative emissions” plant turns carbon dioxide into stone - 11 min read
There’s a colorless, odorless, and largely benign gas that humanity just can’t get enough of. We produce 40 trillion kg of carbon dioxide each year, and we’re on track to cross a crucial emissions threshold that will cause global temperature rise to pass the dangerous 2°C limit set by the Paris climate agreement. But, in hushed tones, climate scientists are already talking about a technology that could pull us back from the brink. It’s called direct-air capture, and it consists of machines that work like a tree does, sucking carbon dioxide (CO) out from the air, but on steroids—capturing thousands of times more carbon in the same amount of time, and, hopefully, ensuring we don’t suffer climate catastrophe. There are at least two reasons that, to date, conversations about direct air capture have been muted. First, climate scientists have hoped global carbon emissions would come under control, and we wouldn’t need direct air capture. But most experts believe that ship has sailed. That …

Why did Vikings have 'Allah' on clothes? - 5 min read
Researchers in Sweden have found Arabic characters woven into burial costumes from Viking boat graves. The discovery raises new questions about the influence of Islam in Scandinavia, writes journalist Tharik Hussain. They were kept in storage for more than 100 years, dismissed as typical examples of Viking Age funeral clothes. But a new investigation into the garments - found in 9th and 10th Century graves - has thrown up groundbreaking insights into contact between the Viking and Muslim worlds. Patterns woven with silk and silver thread have been found to spell the words “Allah” and “Ali”. The breakthrough was made by textile archaeologist Annika Larsson of Uppsala University while re-examining the remnants of burial costumes from male and female boat and chamber graves originally excavated in Birka and Gamla Uppsala in Sweden in the late 19th and mid-20th centuries. She became interested in the forgotten fragments after realising the material had come from central Asia, Persia …

Wallaroo Labs - 9 min read
We’ve been hard at work for 18 months on a new processing engine called Wallaroo for deploying and operating big data, fast data, and machine learning applications. We designed Wallaroo to make the infrastructure virtually disappear, so you get rapid deployment and easy-to-operate applications. It provides a simple model for building fast applications that scale automatically across any number of workers. With Wallaroo, you focus on your business algorithms, not your infrastructure, and you can use the Python libraries you’re already familiar with. Wallaroo uses an embedded Python interpreter to run your code rather than calling out to a separate Python process, which makes your application run faster. Wallaroo isn’t built on the JVM, which provides advantages that we will cover in a later blog post. And finally, Wallaroo is open-source. This blog post will show you how to use Wallaroo’s Python API to build elastic event-by-event processing applications. The canonical streaming data…
The Hidden Forces Behind Toutiao - 22 min read
Using Machine and Deep Learning to Create and Serve Content, China’s Toutiao Created a Product with Engagement Similar to that of Social Networks – All without a Social Graph Toutiao, one of the flagship products of Bytedance*, may be the largest app you’ve never heard of–it’s like every news feed you read, YouTube, and TechMeme in one. Over 120M people in China use it each day. Yet what’s most interesting about Toutiao isn’t that people consume such varied content all in one place… it’s how Toutiao serves it up. Without any explicit user inputs, social graph, or product purchase history to rely on, Toutiao offers a personalized, high quality-content feed for each user that is powered by machine and deep learning algorithms. Going a step further than merely serving up content, Toutiao’s algorithms also create content: During the 2016 Olympics, a Toutiao bot wrote original news coverage, publishing stories on major events more quickly than traditional media outlets. The bot-written ar…

Tech Giants, Once Seen as Saviors, Are Now Viewed as Threats - 1 min read
…

Is there an upside to having no social life? - 8 min read
The trick to being successful could, in fact, be simple. For one month, I declined all in-person activities with friends to see if it would make me more productive From my own experience interviewing highly successful artists, writers, and creative entrepreneurs I’ve found one of the most common responses to the question of how they can be so prolific to be, ‘well, I don’t have a social life.’ As a freelancer working solo from home, while my housemates head out to work, I justified a very active social life as basic human necessity. Yet when it dawned on me just how much time I was spending socialising, I realised I may be taking it to an extreme. I calculated that, on average, I was spending 22 hours or more each week on social activities. So, in a bid to see what would happen to my work output, health and wellbeing, I decided to try and cut out my social life entirely. I knew, at times, I filled my schedule simply out of fear of missing out (FOMO), an inability to say no, but al…

Introducing Gluon: a new library for machine learning from AWS and Microsoft - 6 min read
Introducing Gluon: a new library for machine learning from AWS and Microsoft Today, AWS and Microsoft announced Gluon, a new open source deep learning interface which allows developers to more easily and quickly build machine learning models, without compromising performance. Gluon provides a clear, concise API for defining machine learning models using a collection of pre-built, optimized neural network components. Developers who are new to machine learning will find this interface more familiar to traditional code, since machine learning models can be defined and manipulated just like any other data structure. More seasoned data scientists and researchers will value the ability to build prototypes quickly and utilize dynamic neural network graphs for entirely new model architectures, all without sacrificing training speed. Gluon is available in Apache MXNet today, a forthcoming Microsoft Cognitive Toolkit release, and in more frameworks over time. Neural Networks vs Developers M…

How to Do Code Reviews Like a Human (Part One) - 19 min read
Lately, I’ve been reading articles about best practices for code reviews. I notice that these articles focus on finding bugs to the exclusion of almost every other component of a review. Communicating issues you discover in a constructive and professional way? Irrelevant! Just identify all the bugs, and the rest will take care of itself. So I had a revelation: if this works for code, why not romance? With that, I’m announcing my new ebook to help developers with their love lives: My revolutionary ebook teaches you proven techniques for maximizing the number of deficiencies you find in your partner. The ebook does not cover: * Communicating issues to your partner with empathy and understanding. Based on my reading of code review literature, those parts of a relationship are obvious and not worth discussing. Does this sound like a good ebook to you? I’m assuming you just yipped “Nonononono!” So, why is that the way we talk about code reviews? I can only assume the articles I’ve re…

Google is essentially building an anti-Amazon alliance, and Target is the latest to join - 4 min read
Google and the country’s biggest brick-and-mortar retailers have one main problem in common: Amazon. Now both sides are acting like they are serious about working together to do something about it. On Thursday, Target and Google announced that they are expanding what was a years-old delivery partnership from a small experiment in a handful of cities to the entire continental U. S. The expansion will allow Target to become a retail partner in Google’s voice-shopping initiative, which lets owners of the Google Home “smart” speaker order items through voice commands like owners of the Echo can do from Amazon. The announcement comes seven weeks after Walmart inked a similar deal with Google to offer hundreds of thousands of products through the service. Other big-box retailers like Home Depot are also on board. Voice commerce was the core of these recent announcements, and it may someday become popular for types of shopping like reordering household staples. But that’s not what is most…
![]()
Google Has Made a Mess of Robotics - 6 min read
In 1982, Blade Runner introduced the world to replicants, director Ridley Scott’s term for the alarmingly lifelike robots of author Philip K. Dick’s imagination. In the past few years, there have been two buzzy follow-ups. One, a Scott-produced sequel called Blade Runner 2049, grossed a disappointing $31.5 million during its Oct. 6 opening weekend. The other, a secretive robotics division at Google named Replicant, has flopped much harder. Andy Rubin, the Google executive who created Android, began scooping up roboticists in 2013, acquiring at least nine companies in all. The shopping spree, while a side bet next to Google’s search-driven ad revenue, seemed to establish the company as the likely leader in building an army of intelligent machines. Its acquisitions were doing some of the most exciting work in the field, and its vast reach and resources made Google an ideal place to combine those efforts into a single vision. The industry welcomed its new overlord. “People were very enth…

Evolution of GitHub’s data centers - 7 min read
Over the past 18 months we’ve made a significant investment in GitHub’s physical infrastructure. The goal of this work is to improve the redundancy and global availability of our system. In doing so we’ve solidified the foundation upon which we will expand our compute and storage footprint in support of our growing user base. We’ve got four facilities, two of which are transit hotels which we call points of presence (POPs) and two of which are data centers. To give an idea of our scale, we’ve got petabytes of Git data stored for users of GitHub.com and do around 100Gb/s across transit, internet exchanges, and private network interfaces in order to serve thousands of requests per second. Our network and facilities are built using a hub and spoke design. We operate our own backbone between Seattle and northern Virginia POPs which provides more consistent latencies and throughput via protected fiber. The POPs are a few cabinets primarily composed of networking equipment. They’re placed …
Equifax website borked again, this time to redirect to fake Flash update - 5 min read
In May credit reporting service Equifax’s website was breached by attackers who eventually made off with Social Security numbers, names, and a dizzying amount of other details for some 145.5 million US consumers. For several hours on Wednesday, and again early Thursday morning, the site was maliciously manipulated again, this time to deliver fraudulent Adobe Flash updates, which when clicked, infected visitors’ computers with adware that was detected by only three of 65 antivirus providers. Randy Abrams, an independent security analyst by day, happened to visit the site Wednesday evening to check what he said was false information he had just found on his credit report. Eventually, his browser opened up a page on the domain hxxp//:centerbluray.info that looked like this: Why the Equifax breach is very possibly the worst leak of personal info everHe was understandably incredulous. The site that previously gave up personal data for virtually every US person with a credit history was on…

Early Facebook Employees Regret the Monster They Created - 6 min read
The first thing you see when you drive along the Bayfront Expressway near Willow Road, in Menlo Park, is the sign. It’s wide and rectangular, painted the iconic Facebook blue, and smack in the middle, framed by a ground covering of red mulch, is the renowned Facebook thumbs-up icon. That sign, like Facebook, has become famous beyond anyone’s wildest imagination. Tourists visiting San Francisco make the hour-long pilgrimage down to Hacker Way to see the sign in person. Some take selfies in front of it, others stand next to it and imitate the ascending digit. That sign is also something of a metaphor: it’s the line that separates where employees can go—inside the highly secure, Tetris-like buildings that make up Facebook’s headquarters—and the public cannot. It’s the border between Facebook’s public image and its own vision of itself. These days, that is fraught territory. A rift is starting to develop between the people who work for Facebook, and those who simply use the platform. Coun…

Cryptocurrency mining affects over 500 million people. And they have no idea it is happening. - 6 min read
This autumn the news spread that some websites had been making money by mining cryptocurrencies in their users’ browsers. We have been among the first to add protection from this hidden activity. AdGuard users now receive warnings if a website has been trying to mine, and the users are given the option to let it continue or to block the mining script from running. We decided to research the issue more so that we could understand its scale and impact. On the Alexa list of the top one hundred thousand websites, we looked for the codes for CoinHive and JSEcoin, the most popular solutions for browser mining in use now. We found 220 sites that launch mining when a user opens their main page, with an aggregated audience of 500 million people. These people live all over the world; there are sites with users from the USA, China, South American and European countries, Russia, India, Iran… and the list goes on. 220 sites may not seem like a lot. But CoinHive was launched less than one month a…

CockroachDB 1.1 Released - 5 min read
Today, we are thrilled to announce the release of CockroachDB 1.1. We’ve spent the last five months incorporating feedback from our customers and community, and making improvements that will help even more teams move to CockroachDB. We are also excited to share success stories from a few of our customers. Baidu, one the world’s largest internet companies, shares how they are using CockroachDB to automate operations for applications that process 50M inserts and 2 TB of data daily. Heroic Labs, a software startup, shares how they simplified deployment of their gaming platform-as-a-service by packaging CockroachDB inside each server. CockroachDB 1.1 focuses on three areas: seamless migration from legacy databases, simplified cluster management, and improved performance in real-world environments. As we approached the 1.1 release, we wanted to understand the sticking points teams had when migrating from traditional RDBMS and NoSQL databases to CockroachDB. We identified issues around da…

Byzantium HF Announcement - 3 min read
The Ethereum network will be undergoing a planned hard fork at block number 4.37mil (4,370,000), which will likely occur between 12:00 UTC and 13:00 UTC on Monday, October 16, 2017. The Ropsten test network underwent a hard fork on September 19th (UTC) at block number 1.7mil (1,700,000). A countdown timer can be seen at https://fork.codetract.io/. Download the latest version of your Ethereum client: Ethereum websites and mobile applications that allow you to store ether and/or make transactions are running their own Ethereum client infrastructure to facilitate their services. If you use a third-party web-based or mobile Ethereum wallet, your wallet provider may need to update for the hard fork. It is recommended that you check with them to see what actions they are taking to update for the hard fork and if they are asking their users to take other steps. A hard fork is a change to the underlying Ethereum protocol, creating new rules to improve the system. The protocol changes are ac…
Atom’s new concurrency-friendly buffer implementation - 1 min read
…
Analysing C# code on GitHub with BigQuery - 6 min read
Just over a year ago Google made all the open source code on GitHub available for querying within BigQuery and as if that wasn’t enough you can run a terabyte of queries each month for free! So in this post I am going to be looking at all the C# source code on GitHub and what we can find out from it. Handily a smaller, C# only, dataset has been made available (in BigQuery you are charged per byte read), called fh-bigquery:github_extracts.contents_net_cs and has Which is a pretty comprehensive set of C# source code! The rest of this post will attempt to answer the following questions: Then moving onto some less controversial C# topics: Before we end up looking at repositories, not just individual C# files: If you want to try the queries for yourself (or find my mistakes), all of them are available in this gist. There’s a good chance that my regular expressions miss out some edge-cases, after all Regular Expressions: Now You Have Two Problems: Some people, when confronted with a p…
An anarchist takes on Big Pharma — by promoting DIY prescription drugs - 1 min read
ENLO PARK, Calif. — The anarchist grew animated as he explained his plan to subvert a pillar of global capitalism by teaching the poor to make their own medicines — pharmaceutical industry patents be damned. Then he took another sip from a flute of Taittinger Champagne….

10 Years of Clojure - 1 min read
Need to report the video? Sign in to report inappropriate content. Sign in Want to watch this again later? Sign in to add this video to a playlist. Sign in Need to report the video? Sign in to report inappropriate content. Sign in Want to watch this again later? Sign in to add this video to a playlist. Sign in Sign in to make your opinion count. Sign in to make your opinion count….

Why PostgreSQL is better than MySQL - 3 min read
Someone recently tweeted about the fantastic news that MySQL fixed a bug. Now in my world, bugs get fixed quickly and well. Bugs happen and they need to be fixed. It never occurred to me that we should ever tweet or blog about the fixing of a bug. I guess I assume it’s just quality: bugs get fixed, no drama – people depend upon us to do just that so that the (literally) millions of PostgreSQL servers out there run well. That’s our job and I’m happy and proud to do that job alongside my colleagues at 2ndQuadrant and my colleagues in other PostgreSQL companies and in the wider community. So the bug in question was “number 199″… check this out http://lefred.be/content/bye-bye-bug-199/ It’s always been a big argument in the PostgreSQL community about whether we need a bug tracker or not. Obviously, if you fix bugs, why track them? And if you don’t fix bugs, why track them? Hmmm, not sure that’s a hugely rational argument or not, but let’s look at the MySQL bug tracker for bug 199 Yes,…
Press Conference at ESO HQ Announcing Unprecedented Discovery - 2 min read
ESO will hold a press conference on 16 October 2017 at 16:00 CEST, at its Headquarters in Garching, Germany, to present groundbreaking observations of an astronomical phenomenon that has never been witnessed before. The event will be introduced from ESO’s Paranal Observatory in Chile by the Director General, Xavier Barcons, and will feature talks by representatives of many research groups around Europe. This invitation is addressed exclusively at media representatives. To participate in the conference, bona fide members of the media must register by completing an online form. Please indicate whether you wish to come in person to the press conference or if you will participate online only. By registering for the conference, journalists agree to honour an embargo, details of which will be provided after registration, and not to publish or discuss any of the material presented before the start of the conference on 16 October 2017 at 16:00 CEST. On site journalists will have a question…

How to Setup a Company in Germany for English Speaking People. - 7 min read
Setting up a company may appear tricky not only for foreigners but for natives as well, in almost every country. A quick google search of “How to setup a company in Germany” yields numerous results, from paid services to informal lists and how-tos. This page aims to help both the curious international entrepreneur and German native in navigating the wealth of information available starting a company in German, with details both in English and in German. The following article lays out the full journey on registering the most common forms: GmbH and UG, with an appendix and summarized tl;dr at the end for your convenience. You want to make a company that is Great! The first thing you will need to do is identify the type of company you are going to form in legal terms. If you are new to establishing a company, it is most likely that you will be interested in a UG or a GmbH. (For partnerships and other more complicated organizations, it may be better talk to a lawyer). Both a UG a…
Containers and Distributed Systems: Where They Came From and Where They’re Going - 11 min read
Florian Leibert, CEO of Mesosphere, recently sat down with Chuck McManis to talk about the challenges he faced developing early distributed systems, the origins of container technology, and the future of computing. If you’re on Hacker News, you probably already know Chuck, who is active under his handle, ChuckMcM. This fascinating conversation delves into the early problems Chuck and his teams had to solve when building distributed systems, the lessons they learned, and how they’ve shaped the present – and probably the future of computing. Florian Leibert (FL): Hi Chuck, can you give us a background of your engineering career, which is as long as it is impressive. You’ve really worked in the lower layers of the stack for a very long time, and maybe you can just tell us a little bit about that. Chuck McManis (CM): I came to the Bay Area in the mid ’80s and I went to work for Intel. Then I was recruited out of Intel by a startup called Sun Microsystems. I joined in ’86, the day after t…

When 20,000 American Nazis Descended Upon New York City - 3 min read
More When 20,000 American Nazis Descended Upon New York City In 1939, the German American Bund organized a rally of 20,000 Nazi supporters at Madison Square Garden in New York City. When Academy Award-nominated documentarian Marshall Curry stumbled upon footage of the event in historical archives, he was flabbergasted. Together with Field of Vision, he decided to present the footage as a cautionary tale to Americans. The short film, A Night at the Garden, premieres on The Atlantic today. “The first thing that struck me was that an event like this could happen in the heart of New York City,” Curry told The Atlantic. “Watching it felt like an episode of The Twilight Zone where history has taken a different path. But it wasn’t science fiction – it was real, historical footage. It all felt eerily familiar, given today’s political situation.” Rather than edit the footage into a standard historical documentary with narration, Curry decided to “keep it pure, cinematic, and unmediated, as …

Exploding Git Repositories – Kate Murphy - 3 min read
If you are an adventurous sort (and can handle a potential reboot) I invite you to clone this tiny repo: Were you able to clone it? Unless you have quite a lot of memory (both RAM and storage) git was killed, ran out of memory, or you had to reboot. Why is this? It is a perfectly formed repo made of only 12 objects. How does a tiny repo cause git to run out of memory? The secret is that git de-duplicates “blobs” (which are used to store files) to make repositories smaller and allow using the same blob when a file remains unchanged between commits. Git also allows de-duplication of “tree” objects (which define the directory structure in a repository). git-bomb tries to make a billion files, however it only has 10 references to the file blob and only has 10 tree objects in all. This is extremely similar to the “billion laughs” (aka “XML bomb”) hence the name “git bomb”. At the bottom there is a file blob containing “one laugh”: There is one tree object that refers to this blob 10 ti…

Deputy Attorney General Rosenstein’s “Responsible Encryption” Demand is Bad and He Should Feel Bad - 7 min read
Skip to main content Email updates on news, actions, and events in your area. Deputy Attorney General Rosenstein’s “Responsible Encryption” Demand is Bad and He Should Feel Bad Deputy Attorney General Rod Rosenstein delivered a speech on Tuesday about what he calls “responsible encryption” today. It misses the mark, by far. Rosenstein starts with a fallacy, attempting to convince you that encryption is unprecedented: Our society has never had a system where evidence of criminal wrongdoing was totally impervious to detection, especially when officers obtain a court-authorized warrant. But that is the world that technology companies are creating. In fact, we’ve always had (and will always have) a perfectly reliable system whereby criminals can hide their communications with strong security: in-person conversations. Moreover, Rosenstein’s history lesson forgets that, for about 70 years, there was an unpickable lock. In the 1770s, engineer Joseph Bramah created a lock that remained …

As the 747 Begins Its Final Approach, a Pilot Takes a Flight Down Memory Lane - 1 min read
…

Exploring the 'Bullshit Castle': Airbus Corruption Scandal May Lead Straight to the Top - 12 min read
This is a story of a global company. About its secrets. It is the story of a corrupt corporation. It is a story that begins with the word “shit,” with a Dacia Duster and with a tiny company that could cost the CEO of Airbus his job. Because he, too, apparently has a bit of a skeleton in his closet. But first things first. First, the word “shit”: It is June and top company managers have gathered for a meeting in Toulouse, France. CEO Tom Enders is standing on the stage. He has been with the company for 17 years, but his English is still less than fluent and he speaks with a heavy accent. But the message to his top managers is nevertheless crystal clear. “If there are still people in this room, that believe we should put the shit under the rug – then I would have to say, I give up on these people.” Enders, 58, speaks of a past that Airbus has long sought to deny, years in which the company partly relied on bribes as it rose to become the world’s second-largest airplane manufacturer,…

Traceroute Lies! A Typical Misinterpretation Of Output - 4 min read
Sometimes a user with performance issues will proudly present me with a traceroute and point to a particular hop in the network and accuse it of being the problem because of high latency on the link. About 1 time in 1000 they are correct and the link is totally saturated. The other 999 times, well, let me explain. Here’s a typical traceroute I might be sent by a user (IPs and hostnames are altered to protect the innocent): the user cries, The link from atl-edge to ga-core is clearly all messed up because the latency goes from 20ms to 106ms! Isn’t it amazing that the link in question apparently adds 90ms of latency, yet the link between hops 6 and 7 (the jump from east coast USA to the United Kingdom) appears to show no latency increase at all? In fact, isn’t it odd that the latency for every hop from 3 onwards is about the same? I know that many people reading this will already know why this is, but for those who do not (and there’s no shame in that), this is indicative of there be…

Reverse Proxy Grapher - 2 min read
I am working on documentation for an upcoming security audit and needed a way to display how various externally available ports and URLs mapped to internal VMs, clusters, and services. I didn’t want to draw them manually in various charting tools because this is the kind of data that quickly becomes obsolete as things are added and retired – and manually rejigging things every time a node is added or deleted takes a lot of effort. So, I wrote a small tool in python that uses graphviz to generate such graphs automatically. All it requires is a simple yaml file like this: Then it will generate a pretty graph like this: You can also plug the XML output of your nmap scans to add some more details to your graph, such as hostnames and product/version details identified by nmap: There’s still lots of missing functionality in the code – for example, I’ve not tested how badly this would break with ipv6 at all, plus there’s no way to specify multiple proxy levels. However, hopefully this s…
The real roots of early city states may rip up the textbooks - 8 min read
THE emergence of state authority was a logical consequence of the move to settled agriculture, or so we thought. Until recently, we also assumed that ancient peoples welcomed the advantages of this way of life as well as the growth of state leadership, since it was key to the development of culture, crafts and civil order. Over the past 50 years, though, more and more cracks have appeared in this picture. We now know settled agriculture existed for several thousand years before the emergence of the city states of the Near East and Asia. In the past few years, archaeologists have been stunned to find 11,000-year-old structures such as those at Göbekli Tepe, in what is now southern Turkey. These were built by peoples who foraged, and who also developed specialised skills, both artistic and artisanal. This is a surprise, and leaves researchers busily trying to get the story straight – something that really matters for a number of reasons. Traditional definitions of the state and its aut…

Gender Distribution in North Korean Posters – Digital NK - 17 min read
A brief analysis of gender distribution in visual representations of everyday life in North Korea using facial recognition algorithms and transfer learning applied to convolutional neural networks. A couple months ago, I was invited to participate in a workshop on North Korean posters organized by Prof. Koen de Ceuster at Leiden University in the Netherlands. The posters came from the private collection of Willem van der Bijl, a Utrecht-based stamp dealer, who had been purchasing North Korean posters regularly for over a decade. Prof. de Ceuster had arranged to get the posters digitalized and they are now available as part of Leiden University’s Digital Collections. Access to the collection currently still requires an account, but this might change in the future. Each poster in the collection has been enriched with metadata such as its title, the name of the artist and date of production (if available), the main themes, a brief description of the poster’s content and various technica…
Debugging C with Haskell's Divisible - 12 min read
A good type system covers a lot of the small bugs. Unit tests, careful design, and a sound mind can get you through some bigger ones. But sometimes complex bugs in large codebases call for heavy-duty debugging tools. One such tool is Delta Debugging, which repeatedly shrinks recursive data structures to find a minimal counterexample that still exhibits the bug. You’ll appreciate the technique if you’ve ever used git bisect to locate a small breaking change in a large codebase. * Uses Haskell’s FFI to control a C chess engine * Locates an error introduced into the chess engine In my last article, I implemented a chess engine in C. I’ve introduced an error into its move generator. Recall that the move generation involved 5 functions: The “gold standard” for testing a chess engine is to compare the output of the above perft function with published reference values. The bug that we’ll be finding is easily visible from the starting state of the board, so new_game will be the only games…
The SQL I Love <3. Efficient pagination of a table with 100M records - 8 min read
I am a huge fan of databases. I even wanted to make my own DBMS when I was in university. Now I work both with RDBMS and NoSQL solutions, and I am very enthusiastic with that. You know, there’s no Golden Hammer, each problem has own solution. Alternatively, a subset of solutions. In the series of blog posts The SQL I Love I walk you thru some problems solved with SQL which I found particularly interesting. The solutions are tested using a table with more than 100 million records. All the examples use MySQL, but ideas apply to other relational data stores like PostgreSQL, Oracle and SQL Server. This Chapter is focused on efficient scanning a large table using pagination with offset on the primary key. This is also known as keyset pagination. In the chapter, we use the following database structure for example. The canonical example about users should fit any domain. CREATE TABLE users ( user_id int(11) unsigned NOT NULL AUTO_INCREMENT, external_id varchar(32) NOT NULL, `name…

Web Audio Modem - 8 min read
Lately, I’ve been working with a client where my development computer is not connected to the Internet. This is a huge inconvenience, as the unavailability of Google and Stack Overflow vastly impact my productivity. Only recently have I begun to grasp how much of my time is actually spent copy/pasting between Visual Studio and the browser. My office also features an Internet connected laptop and my development computer expose 3,5 mm jack sockets for audio devices. And thus my problems can be solved! Here’s how I made a modem for closing the gap with Web Audio. PS If you just want to try the modem already, head over to the live demo. Also check out the source code on github. Our modern era copy/paste implementation will be based on the Web Audio API which is supported by all major browsers. Most notably we’ll leverage instances of OscillatorNode to encode data as an audio signal composed of sinusoids at preselected frequencies. The audio signal is decomposed using an AnalyserNode in …

Meet a convicted felon who became a Georgetown law professor - 13 min read
Jailhouse lawyers are prisoners who manage to learn enough about the law while incarcerated to help themselves and other inmates with legal problems. We get letters from them every week. Tonight, we are going to introduce you to Shon Hopwood, who is arguably the most successful jailhouse lawyer ever—having had one of his cases argued before the U. S. Supreme Court while serving a 12-year sentence for armed bank robbery. Since his release he’s built a resume as a legal scholar, and been published in top law journals. We met him at one of the nation’s premiere law schools where he’s become its newest professor – a tale of redemption as improbable as any you’re likely to hear. Shon Hopwood: Question one is: Was there a constitutional violation? In his first semester at Georgetown University, Professor Hopwood is teaching criminal law. Shon Hopwood: Were the first statements unlawfully obtained? Yes. The irony isn’t lost on him or his students who know that he’s a convicted felon an…

the software engineering notebook - 3 min read
Fellow software engineers/hackers/devs/code gardeners, do you keep a notebook (digital or plain dead-tree version) to record things you learn? Since my days assembling glassware and synthesizing various chemicals in the organic chemistry lab, I’ve found keeping notes to be an indispensable tool at getting better and remembering important lessons learned. One of my professors recommended writing down, after every lab sessions, what had been accomplished and what needed to be done next time. When lab sessions are few and far apart (weekly instead of daily), it is easy to forget the details (for example, the mistakes that were made during weighing of chemicals ). A good quick summary helps with this! When I first started working for a software company, I was overwhelmed. Academic software development was indeed very different to large scale distributed software development. For example, the academic software I wrote was rarely version controlled and had few tests. I had never heard of a…
Reverse Engineering an Eclipse Plugin - 11 min read
Firstly I want to note I’m not a security researcher, ethical hacker or at all competent at reverse engineering. I’m currently working as a Java developer but I’ve always had an hobby interest in computer security. Recently I’ve been ever more interested in the security side of things and have been studying various topics, from binary exploitation, reverse engineering to WPA cracking. I decided I would start writing blogs on my learning; and the application of that learning. Even if nobody reads it at least I will have notes on previous projects, and I find that writing things down always commits my thoughts more thoroughly. Today I had quite a bit of free time so I decided I would try my hand at reverse engineering. My experience with Java is sound having programmed commercially with it for a number of years, and Java decompilers can normally provide the exact source code (providing no obfuscation was undertaken), so reverse engineering something written in Java seemed like the best…

The Toxic Saga of the World’s Greatest Fish Market - 18 min read
The Toxic Saga of the World’s Greatest Fish Market More than 16 years and 600 billion yen later, the fate of Tokyo’s Tsukiji market is still up in the air Tsukiji is the most exalted fish market on earth, the sort of humbling place that causes the likes of globally worshipped god-chef René Redzepi to deem it one of the “seven culinary wonders of the world.” With nearly 671 licensed wholesale dealers selling more than 500 different kinds of seafood — $17 million worth a day, and more than 700,000 tons a year — the 23-hectare market is so vital to the global commercial flow of fish that it’s almost impossible to imagine how the international sea critter industry would fare without it. But the occupants of this oceanic oasis have been dancing to a slow swan song. Last November, after more than 80 years in its current location, Tsukiji’s inner market, the fish-slinging heart of the operation, was supposed to move to Toyosu, a man-made island about 1.5 miles south, where a freshly constr…
![]()
What is Nix and Why you should try it! - 5 min read
Normally our Unix systems organise the file system in a structure called the Filesystem Hierarchy Standard (FHS). Installing into an FHS has limitations, what would happen if we want to install, for example, two different versions of ruby at the same time? Typically this isn’t possible without explicitly specifying a separate installation directory, if we just install to the usual place e.g. /usr/bin then we will just overwrite the previous ruby. So perhaps we would install one ruby into /usr/bin and another into /usr/local/bin, this is fine, but what about dependent libs? Assuming the two different versions of ruby do require different dependencies then we have potentially the same problem that the dependencies for the 1st ruby might overwrite the dependencies for the 2nd ruby. Nix gets around this to some extent by not using FHS, instead nix installs all files into the nix store, which is usually located at /nix/store. All programs in a nix store are identified by their store path,…
Finish your stuff - 4 min read
If there is one principle that should be added to the UNIX philosophy, it is: It’s the most simple, yet the most disregarded software engineering princinple I can think of. I dare you to list three finished software projects. Except for some basic UNIX tools, like grep or make, it’s almost impossible to find anyting that’s truly finished, not simply abandoned. Imagine the carpenters were like programmers. You bought a chair. You bought it because you’ve inspected it and found out that it fulfills all your needs. Then, every other day, the carpenter turns up at your place and makes a modification to the chair. Some of the changes may be useful, some neutral, some are simply annoying and some, like those spikes protruding from the wood, make the chair no longer usable. But irrespective of that: You bought a damned chair and you want it to remain a chair, not to find out that it’s some kind of protean piece of furniture that’s a chair today and partly a table tomorrow and, who knows, …
We're the Rats, and Facebook Likes Are the Reward - 8 min read
One of the most popular announcements at Google’s recent developers conference was the new version of Google Maps, which has a lot of spiffy new bells and whistles, to be sure. But there’s an ominous side note here: The new Google Maps for mobile devices allows marketers to offer products and deals based on the consumer’s physical location. We’re entering the age of Skinnerian Marketing. Future applications making use of big data, location, maps, tracking of a browser’s interests, and data streams coming from mobile and wearable devices, promise to usher in the era of unprecedented power in the hands of marketers, who are no longer merely appealing to our innate desires, but programming our behaviors. And the new Google Maps is just the start. Google, Facebook, Twitter, retailers, and thousands of application developers are now positioned to keep users engaged on Web sites and program behaviors. That is, to operant condition them. In the 1930’s, B. F. Skinner developed the concept of …

The World's Smallest Movie - 1 min read
You’re about to see the movie that holds the Guinness World Records™ record for the World’s Smallest Stop-Motion Film (see how it was made at http://youtu.be/xA4QWwaweWA). The ability to move single atoms — the smallest particles of any element in the universe — is crucial to IBM’s research in the field of atomic memory. But even nanophysicists need to have a little fun. In that spirit, IBM researchers used a scanning tunneling microscope to move thousands of carbon monoxide molecules (two atoms stacked on top of each other), all in pursuit of making a movie so small it can be seen only when you magnify it 100 million times. A movie made with atoms. Learn more about atomic memory, data storage and big data at http://www.ibm.com/madewithatoms…

The Neural Net Tank Urban Legend - 78 min read
By the way, the story about the two pictures of a field, with and without army tanks in the picture, comes from me. I attended a meeting in Los Angeles [at RAND?], about half a century ago [~1963?] where someone gave a paper showing how a random net could be trained to detect the tanks in the picture. I was in the audience. At the end of the talk I stood up and made the comment that it was obvious that the picture with the tanks was made on a sunny day while the other picture (of the same field without the tanks) was made on a cloudy day. I suggested that the neural net had merely trained itself to recognize the difference between a bright picture and a dim picture. While Kanal & Randall 1964 matches in some ways, including the image counts, there is no mention of failure either in the paper or Kanal’s 1991 reminiscences, and given use of binarizing, it’s not clear to me that their 2-layer algorithm even could overfit to global brightness; the photos also appear to have been taken at …